Security pros warn of critical flaws in Kerberos
By Robert Lemos
Staff Writer, CNET News.com

Vulnerabilities in a technology widely used for network authentication have
left computers running Unix, Linux and Apple Computer's Mac OS X potentially
open to attack.

The flaws could allow an online intruder to gain access to computers running
a security feature known as Kerberos. The vulnerabilities, found by the
developers at the Kerberos Team at the Massachusetts Institute of
Technology, should be patched as soon as possible, Sam Hartman, engineering
lead for the team, said Wednesday.

"I would not expect this to lead to a worm," Hartman said. "Most sites will
patch it because patching is easy to do. Whereas, if you do have a
compromise, it is a lot of work to recover."

Kerberos is the keystone to security for many networks. The software
essentially acts as a gatekeeper, identifying the people who are allowed to
access computers in the network and those who are not. That makes the
software flaws particularly pernicious.

The flaws, known as double-free vulnerabilities, are caused because a part
of the program attempts to free up the same computer memory space twice.
Such errors are not as easy to take advantage of as another, more common
memory error--the buffer overflow. That gives administrators a little
breathing room, Hartman said.

< snip >

http://news.com.com/Security+pros+warn+of+critical+flaws+in+Kerberos/2100-1002_3-5343325.html?tag=nefd.top


--
You are a subscribed member of the infowarrior list. Visit 
www.infowarrior.org for list information or to unsubscribe. This message 
may be redistributed freely in its entirety. Any and all copyrights 
appearing in list messages are maintained by their respective owners.
