MIT Kerberos is an implementation of the Kerberos network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Kerberos is available in many commercial products as well.
Operating Systems: Mac OS X, Windows, POSIX, Unix
Release Notes: Makes KDC log service principal names more consistently during some error conditions, instead of "
Release Notes: This is primarily a bugfix release. The following vulnerabilities have been fixed: kpropd denial of service [MITKRB5-SA-2011-001, CVE-2010-4022], KDC denial of service attacks [MITKRB5-SA-2011-002, CVE-2011-0281, CVE-2011-0282, CVE-2011-0283], KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003, CVE-2011-0284], kadmind frees invalid pointer [MITKRB5-SA-2011-004, CVE-2011-0285].
Release Notes: A buffer overflow in svc_auth_gss.c (reported in CVE-2007-3999 and CVE-2007-4743) was fixed. A modify_policy vulnerability (reported in CVE-2007-4000) was fixed. PKINIT support was added.