Date: Wed, 30 Apr 1997 08:38:52 +0200 From: Mark Murray <mark@grondar.za> To: Robert N Watson <rnw@andrew.cmu.edu> Cc: security@freebsd.org Subject: Re: vulnerabilities in kerberos (fwd) Message-ID: <199704300638.IAA03856@grackle.grondar.za>
next in thread | raw e-mail | index | archive | help
On Tue, 29 Apr 1997 19:51:29 -0400 (EDT) , Robert N Watson wrote: > Most of the stuff in this bulletin is not relevant to FreeBSD's eBones > distribution, as it's Kerberos IV, but near the bottom they start talking > about some Kerberos IV stuff that was vulnerable in OpenBSD's KerbIV stuff > until recently. OK... > BTW, is anyone actively maintaining the Kerberos code in FreeBSD? Have we Yes. Me. (But I have been kinda slack). > given any thought to bringing in the Kth code instead, as it's more > modern, etc? I've noticed, also, that the Krb distribution for FreeBSD > doesn't include the kerberos-authenticated FTPd, so one has to make that > independantly and set flags appropriately. That should probably be > corrected. I am going to commit KTH eBones one of these days (RSN). I have been INCREDIBLY busy at work, and owe them a lot of time for sick leave last year. KTH has a lot of nice toys, and they fix very many problems, like multi- homed hosts, some buffer overruns, etc. I have a license to bring in Kerberos5 as well. That code _really_ sucks, though. It is all over the place, and getting it "bmaked" is a much longer term project. M -- Mark Murray PGP key fingerprint = 80 36 6E 40 83 D6 8A 36 This .sig is umop ap!sdn. BC 06 EA 0E 7A F2 CE CE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704300638.IAA03856>