[6763] in Kerberos
Re: Kerberos Weakness (COAST Findings)
daemon@ATHENA.MIT.EDU (Mark Murray)
Mon Feb 26 08:37:32 1996
To: kerberos@MIT.EDU
Date: Mon, 26 Feb 1996 13:15:20 GMT
From: markm@iafrica.com (Mark Murray)

tytso@dcl.mit.edu (Theodore Y. Ts'o) wrote:
>In article <Dn2qsH.Du9.0.staffin.dcs.ed.ac.uk@dcs.ed.ac.uk> gdmr@dcs.ed.ac.uk (George Ross) writes:
>>Do the various "bones" versions have the problem? If so, are fixes available
>>and how do we get them?
>The bug was in the portion of the Kerberos sources which would have been
>stripped out by the "Bones" distribution made at MIT. I haven't
>personally had a chance to take a look at the "eBones" distribution,
>which had the encryption calls added back outside of the US of A,
>to see if it also has similar problems.

eBones _does_ have the problem. The guy who did the conversion also
used the old RNG (the new wasn't even in MIT DES). FreeBSD has
corrected eBones in a way that I would imagine is very similar to
MIT. Look on a FreeBSD site close to you.
M