Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MIT Kerberos 5权限许可和访问控制问题漏洞
Vulnerability Description
MIT Kerberos 5 是一种常用的开源Kerberos实现。 MIT Kerberos 5(又名krb5)1.7版本中的密钥分发中心(KDC)不能对TGT证书(为保护TGS请求)的使用进行正确限制。远程认证用户可以通过重写内部请求来模拟一个客户端。
CVSS Information
N/A
Vulnerability Type
N/A