Linux.com

Home News Enterprise Computing Systems Management New Version of MIT Kerberos

New Version of MIT Kerberos

Article Source The H
June 8, 2009, 8:36 am

The Massachusetts Institute of Technology (MIT) has released version 1.7 of its Kerberos network suite. The previous release, version 1.6.3, contained several known security vulnerabilities (CVE-2009-0844, CVE-2009-0845, CVE-2009-0846 and CVE-2009-0847), which had previously only been fixed in patch form.

In addition to fixing the vulnerabilities, Kerberos 1.7 also includes some new security features. The developers have improved security within the Kerberos v5 protocol by marking encryption protocols such as DES (Data Encryption Standard) as weak and adding a configuration variable that by default is set to disable these weak encryption types. Users can re-activate them by using the new allow_weak_crypto setting.
 

Comments

Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFS426 Linux Performance Tuning
    08 Sep » 11 Sep - New York
    Details
  2. LFS520 OpenStack Cloud Architecture and Deployment
    08 Sep » 11 Sep - Virtual
    Details
  3. LFD320 Linux Kernel Internals and Debugging
    15 Sep » 19 Sep - Virtual
    Details

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Linux.com Newsletter


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board