Create an Account
username: password:
 
  MemeStreams Logo

[Full-Disclosure] Vulnerabilities in the Kerberos version 4 protocol
search
Home Agent Weblogs Social Network Post Help About

bucy
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

bucy's topics
Arts
  Literature
  Movies
  Music
  TV
   Cartoons
Business
Games
  Video Games
   Console Video Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
  Environment
  Space
Society
  Politics and Law
Sports
Technology
  Computers
   Computer Security
    Cryptography
   Computer Networking
   Computing Platforms

support us

Get MemeStreams Stuff!


 
[Full-Disclosure] Vulnerabilities in the Kerberos version 4 protocol
Topic: Miscellaneous 10:37 am EST, Mar 17, 2003

] Several cryptographic vulnerabilities exist in the basic
] Kerberos Version 4 protocol that could allow an attacker
] to impersonate any user in a Kerberos realm and gain any
] privilege authorized through that Kerberos realm.
] Knowledge of the key shared between two realms for
] Kerberos 4 cross-realm authentication or the ability to
] create arbitrary principals in a realm is sufficient to
] print any ticket in the realm.

Maybe this will finally kill krb4 ... AFS has been the big
holdout and its finally starting to get krb5 support though
it only works with MIT krb5 and not heimdal (from kth.se) right
now.

[Full-Disclosure] Vulnerabilities in the Kerberos version 4 protocol

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0