[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remote vulnerability in kadmind

To: Måns Nilsson <mansaxel@sunet.se>
Subject: Re: Remote vulnerability in kadmind
From: Brian May <bam@snoopy.apana.org.au>
Date: Fri, 25 Oct 2002 10:36:26 +1000
Cc: heimdal-discuss@sics.se
In-Reply-To: <627970000.1035499863@localhost.besserwisser.org>
References: <xoffzuzshys.fsf@blubb.pdc.kth.se> <rzq8z0n63yq.fsf@albion.dl.ac.uk> <627970000.1035499863@localhost.besserwisser.org>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.3.28i

On Fri, Oct 25, 2002 at 12:51:03AM +0200, Måns Nilsson wrote:
>  If you are running a version older than 0.5.1 AND have Kerberos 4 support
>  enabled in kadmind you should disable it until you have time to upgrade."

...unless of course you are running an older version that has been
patched with the fixes...

This has always been Debian's policy to patch the old version rather
then to upgrade to the latest version, in case the new version
breaks stuff.

While all versions of Heimdal have at least some security
bugs already fixed, we are currently working on fixing other
security problems.
--
Brian May <bam@snoopy.apana.org.au>

References:
- Remote vulnerability in kadmind
  - From: joda@pdc.kth.se (Johan Danielsson)
- Re: Remote vulnerability in kadmind
  - From: Dave Love <d.love@dl.ac.uk>
- Re: Remote vulnerability in kadmind
  - From: Måns Nilsson <mansaxel@sunet.se>

Prev by Date: Re: Remote vulnerability in kadmind
Next by Date: Re: Remote vulnerability in kadmind
Prev by thread: Re: Remote vulnerability in kadmind
Next by thread: Re: Remote vulnerability in kadmind
Index(es):
- Date
- Thread