发布时间: 2025年9月5日
修改时间: 2025年9月5日
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | None | |
| Attack Vector | Network | |
| CVSS评分 | N/A | 5.9 |
| Attack Complexity | High | |
| Privileges Required | None | |
| Scope | Unchanged | |
| Integrity | High | |
| User Interaction | None | |
| Availability | None |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2025-2862 | krb5 security update | 2025年9月12日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-5A | krb5 | Fixed |
| KY3.5.3 | krb5 | Fixed |
| KY3.5.2 | krb5 | Fixed |
