APP: Kerberos MITM DES
This signature detects attempts to exploit a known vulnerability against Kerberos. Attackers can create a Man-in-the-Middle situation by lowering the supported encryption to only algorithms that can be easily cracked.
Extended Description
The Microsoft Windows implementation of Kerberos is prone to a security vulnerability that may allow attackers to downgrade the cipher suite. Successful exploits may allow attackers to change the default encryption standard to DES. This may allow attackers to read and forge all Kerberos traffic in a session and impersonate legitimate users. Other attacks are also possible.
Affected Products
Avaya messaging_application_server,Avaya communication_server_1000_telephony_manager
Short Name
APP:KERBEROS:KRB5-MITM-DES
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2011-0091 DES Kerberos MITM bid:46140
Release Date
02/07/2011
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
6.4