Douglas Schweitzer

The Security Sector

Kerberos Bug needs a fix

TAGS:comprimise, Kerberos, services
IT TOPICS:Security

The Kerberos authentication protocol (MIT Kerberos 5 release, up to and including krb5-1.6.3) has been discovered to have several serious vulnerabilities. MIT developed the popular Kerberos as a means for authenticating requests for services in computer networks, but now flaws have been found that could be exploited by hackers to executive arbitrary code on selected targets. The problems lie in the Kerberos 5 Key Distribution Center program and libraries and also in the management of open file descriptors and ultimately possible memory corruption.

While the potential for compromise has been identified, no exploits have been reported as yet. Users are advised to apply workarounds or better yet, update to version kbr5-1.6.4 if they haven't already done so.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Big Brother Security for Little Brother firms

DEMOfall '08: It's IT time

Details, details

And SHE'S the more technical one

Today's Top Stories

Essential browser tools for Web developers

Hands on: The new iPad

Microsoft cuts the prices of some Office 365 plans

Google works to overhaul its search

Mozilla will start Firefox silent updates in June

Preston Gralla: Big backlash is building against Windows 8. Will Microsoft listen?

Hot Posts

Google wins again vs. Oracle: No patent probs.

Posted by IT Blogwatch |

Apple iPhone 5 -- fresh reports claim 4-inch display

Posted by Jonny Evans |

London's flying cameras spy shoelaces nearly a mile away; Will drones in the USA?

Posted by Darlene Storm |

Free Insider Guide

Excel 2010 Cheat Sheet: Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Security White Papers

2011 FFIEC Authentication Guidance: A New Standard For Online Banking Security: This whitepaper provides an overview of the updated Guidance and the threat landscape which helped define it, examines why previous security measures are...
Backup & Recovery for VMware Environments with Avamar 6.0: This paper highlights several new features within EMC Avamar 6.0 that specifically target and advance the capabilities and performance of VMware data protection.
Driving Security in a Hybrid Cloud Environment: This paper examines recent IDG research among IT leaders, who share their concerns and strategies in addressing security in cloud computing environments.

Security Webcasts

Operational Decision Management for Improving Governance, Risk and Compliance: How to rapidly adapt automated decisions to ever changing market and regulatory environments: Date: Monday, September 26, 2011, 11:00 AM EDT

In this webcast you'll learn how your organization can become more responsive to financial market challenges...
Kill the Laptop! Its Corporate Days Are Numbered: "Kill the Laptop" - The evolution of chips, computing power, connection speed, and the cloud is leading to the fall of laptops and...
The Top Ten Secrets to Avoiding SAN Performance Problems: Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...

IT Newsletters

Get the latest technology news and analysis on critical issues in the enterprise.

Kerberos Bug needs a fix

Related Posts

Today's Top Stories

Hot Posts

Douglas Schweitzer's Archive

IT Topics