
Re: Remote vulnerability in kadmind



Måns Nilsson <mansaxel@sunet.se> writes:

> From the advisory:

Where should I have seen that?  I've seen a recent MIT advisory on
bugtraq, which may or may not be about the same thing, but not one for
Heimdal.  I now realize it's on the web site, but that's not explicit
about how `you should disable [Kerberos 4 support]'.

I think it would be useful if announcements were copied to
heimdal-discuss, which is what I'd expect.

> So, if your 0.4 installs are built in v4 compatibility mode, yes, then they
> are vulnerable.

The web site implies I can fix the configuration without rebuilding --
is that false?

> I'd upgrade anyway. Sensitive box, that KDC.. 

That's why I'm asking, but it's not that easy to upgrade.