An unspecified vulnerability in MIT Kerberos kadmind server may allow an attacker to execute arbitrary code.
Kerberos is a network authentication system that uses a trusted third party to authenticate clients and servers to each other. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions. The kadmind daemon is the administration server that runs on the master Kerberos server.
From the kadmind manual page:
A remote, unauthenticated attacker may be able to execute arbitrary code.
Thanks to the MIT Kerberos team for information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2007-09-04|
|Date Last Updated:||2007-11-15 13:21 UTC|