[3442] in Kerberos
SECURITY bug in AFS-ized ksrvutil
daemon@ATHENA.MIT.EDU (John Gardiner Myers)
Sun Jun 19 23:44:41 1994
To: kerberos@MIT.EDU
Date: Sun, 19 Jun 1994 23:01:02 -0400
From: John Gardiner Myers <jgm+@CMU.EDU>

The AFS-modified version of ksrvutil that was previously distributed
by CMU had a bug whereby the service keys picked by "ksrvutil change"
were overly predictable.

A fixed version is available via anonymous FTP to
ftp.andrew.cmu.edu:pub/kerberos/ksrvutil.tar.Z

Sites which had previously used CMU's AFS-ized ksrvutil are strongly
urged to pick up this new version and change all of their srvtab
service keys with it.

Thanks to Rob Earhart for identifying and fixing this bug.

--
_.John G. Myers Internet: jgm+@CMU.EDU
LoseNet: ...!seismo!ihnp4!wiscvm.wisc.edu!give!up