
Debian DSA 266-1 Moderate: Issues with Remote Access in Krb5

March 24, 2003

Summary

Several vulnerabilities have been discovered in krb5, an
implementation of MIT Kerberos.

- A cryptographic weakness in version 4 of the Kerberos protocol
allows an attacker to use a chosen-plaintext attack to impersonate
any principal in a realm. Additional cryptographic weaknesses in
the krb4 implementation included in the MIT krb5 distribution
permit the use of cut-and-paste attacks to fabricate krb4 tickets
for unauthorized client principals if triple-DES keys are used to
key krb4 services. These attacks can subvert a site's entire
Kerberos authentication infrastructure.

Kerberos version 5 does not contain this cryptographic
vulnerability. Sites are not vulnerable if they have Kerberos v4
completely disabled, including the disabling of any krb5 to krb4
translation services.

- The MIT Kerberos 5 implementation includes an RPC library derived
from SUNRPC. The implementation contains length checks that are
vulnerable to an integer overflow, which may be...


Package: krb5
