Slashdot Mirror

← Back to Stories (view on slashdot.org)

Critical Kerberos Flaw Revealed

Posted by CowboyNeal on from the locking-down-the-network dept.

doi writes "ZD Net is carrying a story about '...a critical flaw that could allow hackers to circumvent the secure networking system...The problem lies with software in MIT Kerberos 5 called kadmind4 (Kerberos v4 compatibility administration daemon), which allows compatibility with older administrative clients. A buffer stack overflow allows an attacker to use a specially formed request to gain access to the KDC with the privileges of a user running kadmind4.' It affects all MIT-derived versions of Kerberos 4 and 5."

4 of 197 comments (clear)

  1. Re:Guess I was wrong... by groove10 · · Score: 0, Offtopic

    What the hell was that about... Timecube? Anyone want to fill me in on this thing? I started to read it but it really hurt my eyes to see text that big.

    --
    MMORPG fan-boy? Prove your worth
  2. Re:Is this really pertinent? by tswinzig · · Score: 1, Offtopic

    dude, slow news day

    --

    "And like that ... he's gone."
  3. Re:is this for real [OT] by CommanderTaco · · Score: 0, Offtopic

    well, it's a bit redundant...
    today is the (car (cdr life)) would be better, or maybe
    (define today (car (cdr life)))

  4. Re:Guess I was wrong... by einhverfr · · Score: 1, Offtopic

    YES AND THERE ARE 4 24 HOUR DAYS WITH EATH EARTH ROTATION!

    Hmmm.... Call me silly,. stupid, and evil, but.... Why 4? Why not soething more tangable like 24 (1 for each general time-zone, discounting exception), or better yet, how about an infinite number of great circles passing through the poles creating an infinte number of longitude lines... Wait-- that is critical to Astrology. It must be STUPID AND EVIL even though it is true mathematically.

    --

    LedgerSMB: Open source Accounting/ERP