Multiple holes in MIT Kerberos
Apr 09, 2009, 15:34 (0 Talkback[s])
WEBINAR: On-demand webcast
How to Boost Database Development Productivity on Linux, Docker, and Kubernetes with Microsoft SQL Server 2017 REGISTER >
" Attackers can reportedly exploit a weakness to cause a SPNEGO
GSS-API application crash, including the Kerberos administration
daemon (kadmind). A remote attack could also cause a key
distribution center (KDC) or kinit program to crash.
"The developers also describe a vulnerability in the ASN.1
decoder that could allow an attacker to crash the Kerberos
application and execute arbitrary malicious code. All attacks can
be run remotely and do not require authentication."