Home News Enterprise Computing Systems Management New Version of MIT Kerberos

New Version of MIT Kerberos

Article Source The H
June 8, 2009, 8:36 am

The Massachusetts Institute of Technology (MIT) has released version 1.7 of its Kerberos network suite. The previous release, version 1.6.3, contained several known security vulnerabilities (CVE-2009-0844, CVE-2009-0845, CVE-2009-0846 and CVE-2009-0847), which had previously only been fixed in patch form.

In addition to fixing the vulnerabilities, Kerberos 1.7 also includes some new security features. The developers have improved security within the Kerberos v5 protocol by marking encryption protocols such as DES (Data Encryption Standard) as weak and adding a configuration variable that by default is set to disable these weak encryption types. Users can re-activate them by using the new allow_weak_crypto setting.


Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFD211 Introduction to Linux for Developers
    09 Feb » 10 Feb - Virtual
  2. LFD312 Developing Applications For Linux
    16 Feb » 20 Feb - Atlanta - GA
  3. LFD331 Developing Linux Device Drivers
    16 Feb » 20 Feb - San Jose - CA

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Newsletter

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board