CVE-2008-3274

Impact:
Important
Public Date:
2008-09-10
Bugzilla:
457835: CVE-2008-3274 IPA Kerberos master password disclosure

The MITRE CVE dictionary describes this issue as:

The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.

Find out more about CVE-2008-3274 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat IPA 1 for RHEL 5 Server (ipa) RHSA-2008:0860 2008-09-10

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.