Multiple holes in MIT Kerberos
Apr 09, 2009, 15:34 (0 Talkback[s])
Full Text Search: The Key to Better Natural Language Queries for NoSQL in Node.js
" Attackers can reportedly exploit a weakness to cause a SPNEGO
GSS-API application crash, including the Kerberos administration
daemon (kadmind). A remote attack could also cause a key
distribution center (KDC) or kinit program to crash.
"The developers also describe a vulnerability in the ASN.1
decoder that could allow an attacker to crash the Kerberos
application and execute arbitrary malicious code. All attacks can
be run remotely and do not require authentication."