[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Problem between versions 0.6-67 and 0.6-159 on SuSE

To: Scott Simpson <ssimpson@visionsolutions.com>, heimdal-discuss@sics.se
Subject: Re: Problem between versions 0.6-67 and 0.6-159 on SuSE
From: Norbert Klasen <norbert+lists.heimdal-discuss@burgundy.dyndns.org>
Date: Sun, 23 May 2004 22:29:04 +0200
Cc: suse-security@suse.com
In-Reply-To: <82A47638CDEE2947809EE34E2A378105222BCD@exchange.visionsolutions.com>
References: <82A47638CDEE2947809EE34E2A378105222BCD@exchange.visionsolutions.com>
Sender: owner-heimdal-discuss@sics.se



--On Donnerstag, 20. Mai 2004 14:39 -0700 Scott Simpson 
<ssimpson@visionsolutions.com> wrote:

> I have heimdal set up on a SuSE 9.0 system. I can get a ticket and log
> in without a password between systems under version 0.6-67 but not
> version 0.6-159 which SuSE automatically upgrades to through its update
> site.

I'm having a similar problem in SuSE 8.1:
2004-05-22T14:27:18 Decoding transited encoding: KDC policy rejects request

IIRC this happens since I installed the latest security patch:

23 Apr 2004  	heimdal: heimdal
RPM 	heimdal 0.4e-401 (i586) 	1234 kB
Patch-RPM 	heimdal 0.4e-401-patch (i586) 	453 kB
Source-RPM 	heimdal-0.4e-401.src.rpm 	

Security Update!
The heimdal KDC does not properly check cross-realm requests,
which allows someone with control over a realm to impersonate anyone
in the cross-realm trust path.


Norbert

References:
- Problem between versions 0.6-67 and 0.6-159 on SuSE
  - From: "Scott Simpson" <ssimpson@visionsolutions.com>

Prev by Date: Re: Errors building PHP 4.3.6
Next by Date: Re: Fix Samba support in Heimdal
Prev by thread: Re: Problem between versions 0.6-67 and 0.6-159 on SuSE
Next by thread: RE: Problem between versions 0.6-67 and 0.6-159 on SuSE
Index(es):
- Date
- Thread