MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol

[Matt Crawford]

If you'll entertain another question ...

I have v4_mode = none and do not have any cross-realm trust into my
realm.  I do run krb524d.  Let's take it as granted that I don't let
anyone create arbitrarily-named principals in my realm.

Vulnerable to any legitimate client?

Vulnerable to someone who has a service principal's key?