UPDATE: MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing

Tom Yu tlyu at mit.edu
Mon Jan 4 23:59:11 EST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Updated to reflect the need to authenticate for successful
exploitation.  This decreases the severity level of the vulnerability.

    http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-003.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (SunOS)

iEYEARECAAYFAktCxyMACgkQSO8fWy4vZo5uQQCgoVnIei7rT8AaaDlGFKtk+JkH
lfsAnRCL4Ilj4kRnLOdCI68Dyxm0rRbl
=5SzI
-----END PGP SIGNATURE-----



More information about the kerberos-announce mailing list