Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Multiple holes in MIT Kerberos

Apr 09, 2009, 15:34 (0 Talkback[s])

" Attackers can reportedly exploit a weakness to cause a SPNEGO GSS-API application crash, including the Kerberos administration daemon (kadmind). A remote attack could also cause a key distribution center (KDC) or kinit program to crash.

"The developers also describe a vulnerability in the ASN.1 decoder that could allow an attacker to crash the Kerberos application and execute arbitrary malicious code. All attacks can be run remotely and do not require authentication."

Complete Story

Related Stories: