Slashdot Mirror


MIT Warns of Critical Vulnerabilities in Kerberos 5

kinrowan writes "MIT, inventor of Kerberos, has announced a pair of vulnerabilities in the software that will allow an attacker to either execute a DoS attack or execute code on the machine. Some details of the story are at SearchSecurity as well as ComputerWeekly. Details of the advisories themselves are also available. The vulnerabilities also affect the VPN 3000 line of Cisco VPN concentrators."

  1. Can anyone explain how ez this exploit really is by Anonymous Coward · · Score: 1, Insightful

    "...it is trivial to construct a corrupt encoding
    which will trigger the infinite loop...

  2. It's a double free, not easy to exploit by Beryllium+Sphere(tm) · · Score: 4, Insightful

    Has anyone seen exploit code in the wild yet?

    1. Re:It's a double free, not easy to exploit by BetterThanCaesar · · Score: 2, Insightful

      Honest question: Has there ever been an exploit of a double free (or similar) bug? I see how it is a problem (I've segfaulted more than once because of it), but how does one inject and run code using it?

      --
      "Stop failing the Turing test!" -- Dilbert
  3. Re:Maybe they should..... by inburito · · Score: 3, Insightful

    Umm.. most of the .mit.edu computers are students' own dorm room computers. MIT doesn't care what people do with them unless they start disrupting the network operations.

    It is a pretty good deal with a fixed IP address, your own mit-domain name and a direct hookup without any extra firewalls or NATs. I know I like mine. However, smarter than average kids do not necessarily good sys admins make. A hack on an "mit"-computer seems to enjoy questionable prestige especially in Asia even though nobody ever hacks the university's computers.. just random people's personal ones. What's so great about defacing some bio-major's laptop..

  4. Re:Wonder if Windows Kerberos will be affected? by N7DR · · Score: 2, Insightful

    Apart from MIT, and Windows, who uses Kerberos nowadays? Doesn't SSH, and public-key based authentication pretty much make the whole thing irrelevant?

    PacketCable security (VoIP over cable) is based on Kerberos. (www.packetcable.com). Interestingly, it's a version of Kerberos that uses public-key authentication (PKINIT).

    FWIW, the most common KDC used in PacketCable networks (www.ipfonix.com) is not vulnerable, since it uses no MIT code.

    I do wish that the original headline had been more accurate, since it's not a bug in Kerberos that has been found, but a bug in a particular implementation.

  5. I guess the Open Source crowd argument... by Anonymous Coward · · Score: 1, Insightful

    ...about "many-eyes" on the source always being more secure is deflated somewhat by this, if, in fact, the MS implementation does NOT have this flaw because they developed their implementation from spec.

    I guess "sharper eyes" are better than "many eyes"...