[6694] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Kerberos Weakness (COAST Findings)

daemon@ATHENA.MIT.EDU (Steve Lodin)
Sun Feb 18 22:00:28 1996

To: kerberos@MIT.EDU
Date: 18 Feb 1996 21:22:17 -0500
From: swlodin@cs.purdue.edu (Steve Lodin)

In article <4g7pel$md8@jik.datasrv.co.il>,
Jonathan Kamens <jik@annex-1-slip-jik.cam.ov.com> wrote:
>Is an MIT Kerberos V5 KDC running with Kerberos V4 compatibility (i.e.,
>responding to V4 requests) vulnerable to this attack?
>
>I suppose another way to ask the same question is, "Does the attack exploit a
>vlunerability in the V4 protocol or its implementation?"

It is an implementation issue, not a protocol design issue.

Steve

-- 
Steve Lodin 
Purdue - swlodin@cs.purdue.edu http://www.cs.purdue.edu/people/swlodin
Delco Electronics - swlodin@delcoelect.com (317)451-0479 
Home - swlodin@iquest.net http://www.iquest.net/~swlodin/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[6694] in Kerberos

Re: Kerberos Weakness (COAST Findings)

daemon@ATHENA.MIT.EDU (Steve Lodin)Sun Feb 18 22:00:28 1996

daemon@ATHENA.MIT.EDU (Steve Lodin)
Sun Feb 18 22:00:28 1996