[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Problem between versions 0.6-67 and 0.6-159 on SuSE

--On Donnerstag, 20. Mai 2004 14:39 -0700 Scott Simpson 
<ssimpson@visionsolutions.com> wrote:

> I have heimdal set up on a SuSE 9.0 system. I can get a ticket and log
> in without a password between systems under version 0.6-67 but not
> version 0.6-159 which SuSE automatically upgrades to through its update
> site.

I'm having a similar problem in SuSE 8.1:
2004-05-22T14:27:18 Decoding transited encoding: KDC policy rejects request

IIRC this happens since I installed the latest security patch:

23 Apr 2004  	heimdal: heimdal
RPM 	heimdal 0.4e-401 (i586) 	1234 kB
Patch-RPM 	heimdal 0.4e-401-patch (i586) 	453 kB
Source-RPM 	heimdal-0.4e-401.src.rpm 	

Security Update!
The heimdal KDC does not properly check cross-realm requests,
which allows someone with control over a realm to impersonate anyone
in the cross-realm trust path.