ZDNet UK: Kerberos harbours critical flaws

Paul Moore paul.moore at centrify.com
Mon Oct 13 12:36:35 EDT 2008


oops - i didnt notice the date. For some reason my automated alert
system picked it up. Thx

-----Original Message-----
From: Ken Raeburn [mailto:raeburn at MIT.EDU] 
Sent: Monday, October 13, 2008 9:33 AM
To: Paul Moore
Cc: kerberos at mit.edu
Subject: Re: ZDNet UK: Kerberos harbours critical flaws

On Oct 13, 2008, at 12:23, Paul Moore wrote:
> Which bugs is this article referring to
>
> ------------------------------------------------------------
> http://news.zdnet.co.uk/security/0,1000000189,39165276,00.htm
>
> Kerberos harbours critical flaws
>
> The network-authentication technology can leave computers running  
> Unix, Linux
> or Mac OS X vulnerable


They mention double-free problems, and the article is from September  
2004, so I expect it's referring to the flaw in advisory MITKRB5- 
SA-2004-002 (listed at http://web.mit.edu/kerberos/advisories/) which  
had come out a few days before.

Ken




More information about the Kerberos mailing list