Message-Id: <4.3.2.7.2.20000809181113.00b9b7d0@mail.utexas.edu>
Date: Wed, 09 Aug 2000 18:12:29 -0500
To: freebsd-security@FreeBSD.ORG
From: Oscar Ricardo Silva
Subject: Re: Setting up kerberos server on FreeBSD 4.x
References: <4.3.2.7.2.20000809172222.00b489e0@mail.utexas.edu>

At 03:44 PM 8/9/00 -0700, Kris Kennaway, you wrote:
>On Wed, 9 Aug 2000, Oscar Ricardo Silva wrote:
>
> > One other minor question: Is the recent vulnerability found in Kerberos 4
> > fixed in FreeBSD 4.1 ? I saw that 3.5.1 was released but the only thing
> > different from 3.5 was changes in the kerberos code.
>
>Well, what does the advisory tell you?
>
>Kris

OK, found the answer to that one in FreeBSD-SA-00:33.kerberosIV.asc:

At the time it was believed that the implementation of Kerberos distributed with FreeBSD was not vulnerable to these problems, but it was later discovered that FreeBSD 3.x contained an older version of KTH Kerberos 4 which is in fact vulnerable to at least some of these vulnerabilities. FreeBSD 4.0-RELEASE and later are unaffected by this problem, although FreeBSD 3.5-RELEASE is vulnerable.

Should've just looked a little further and RTFM.

Oscar