Home News Enterprise Computing Systems Management New Version of MIT Kerberos

New Version of MIT Kerberos

Article Source The H
June 8, 2009, 8:36 am

The Massachusetts Institute of Technology (MIT) has released version 1.7 of its Kerberos network suite. The previous release, version 1.6.3, contained several known security vulnerabilities (CVE-2009-0844, CVE-2009-0845, CVE-2009-0846 and CVE-2009-0847), which had previously only been fixed in patch form.

In addition to fixing the vulnerabilities, Kerberos 1.7 also includes some new security features. The developers have improved security within the Kerberos v5 protocol by marking encryption protocols such as DES (Data Encryption Standard) as weak and adding a configuration variable that by default is set to disable these weak encryption types. Users can re-activate them by using the new allow_weak_crypto setting.


Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFD320 Linux Kernel Internals and Debugging
    03 Nov » 07 Nov - Virtual
  2. LFS416 Linux Security
    03 Nov » 06 Nov - Virtual
  3. LFS426 Linux Performance Tuning
    10 Nov » 13 Nov - Virtual

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Newsletter

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board