Home News Enterprise Computing Systems Management New Version of MIT Kerberos

New Version of MIT Kerberos

Article Source The H
June 8, 2009, 8:36 am

The Massachusetts Institute of Technology (MIT) has released version 1.7 of its Kerberos network suite. The previous release, version 1.6.3, contained several known security vulnerabilities (CVE-2009-0844, CVE-2009-0845, CVE-2009-0846 and CVE-2009-0847), which had previously only been fixed in patch form.

In addition to fixing the vulnerabilities, Kerberos 1.7 also includes some new security features. The developers have improved security within the Kerberos v5 protocol by marking encryption protocols such as DES (Data Encryption Standard) as weak and adding a configuration variable that by default is set to disable these weak encryption types. Users can re-activate them by using the new allow_weak_crypto setting.


Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFS230 Linux Network Management
    06 Oct » 09 Oct - Virtual
  2. LFD331 Developing Linux Device Drivers
    13 Oct » 17 Oct - Virtual
  3. LFS430 Linux Enterprise Automation
    13 Oct » 16 Oct - Virtual

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Newsletter

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board