Severity: Unknown
Affected Package: heimdal
Summary: Heimdal KDC-REP service name validation allows service impersonation
The Heimdal Kerberos implementation obtained the service-principal name from the unencrypted portion of the KDC-REP message instead of the encrypted enc_part, violating the Kerberos 5 protocol (the 'Orpheus' Lyre' attack). A man-in-the-middle attacker could impersonate a trusted service and intercept user credentials. Fixed by importing the Heimdal 7.4 correction from FreeBSD.
No specific recommendations provided.
Aliases: CVE-2017-11103
Published: August 08, 2017
Last Modified: August 08, 2017