As mentioned in the announcement, there are known exploit tools out there for the flaw in kadmind < 0.5.1 with Kerberos 4 support. And they are being used, too. A successful exploit (or at least one particular exploit) seems to generate these log entries: fubar.se kadmind[pid]: krb_rd_req: 39 fubar.se GGGG I currently don't know if an unsuccessful exploit may generate these as well (Love knows?) /Andreas