MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname
John Hascall
john at iastate.edu
Tue Jun 1 16:54:19 EDT 2004
> -----BEGIN PGP SIGNED MESSAGE-----
> MIT krb5 Security Advisory 2004-001
> 2004-06-01
> Topic: buffer overflows in krb5_aname_to_localname
>
> Only configurations which enable the explicit mapping or rules-based
> mapping functionality of krb5_aname_to_localname() are vulnerable.
> These configurations are not the default.
Ok, how do we know if we have enabled either of these?
Is it a krb5.conf setting or ...?
Thanks,
John
More information about the Kerberos
mailing list