* Sergio Gelato [2017-08-30 10:38:30 +0200]:
> * Andreas Haupt [2017-08-30 09:01:08 +0200]:
> > We are running KDCs on Heimdal version 7.4. Since the update to version 7.x
> > a few weeks ago we observe KDC segfaults after receiving invalid AS-REQ.
> > Looks like an evil bug to me. Anybody else seeing this?
> Yes. Saw it on 2017-06-14, filed an encrypted bug report to heimdal-bugs
> the next day with the attached patch. No reaction. Not to my status query
> the other day either.
To elaborate: as far as I can tell this is "only" a DoS. Trivial to exploit:
just send an AS-REQ with no cname field (how to make such a packet is left
as an exercise). Can be over UDP.
I'm not sure the shodan user who did this to one of my KDCs that day knew
what (s)he was doing. Haven't had any further problems since I applied that