3bf5fef4d3
In _krb5_extract_ticket() the KDC-REP service name must be obtained from encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unecrypted version provides an opportunity for successful server impersonation and other attacks. Submitted by: hrs Obtained from: Heimdal Security: FreeBSD-SA-17:05.heimdal Security: CVE-2017-11103 |
||
---|---|---|
.. | ||
asn1 | ||
com_err | ||
gssapi | ||
hdb | ||
heimdal | ||
hx509 | ||
ipc | ||
kadm5 | ||
kafs | ||
krb5 | ||
ntlm | ||
roken | ||
sl | ||
sqlite | ||
vers | ||
wind | ||
Makefile.am | ||
Makefile.in |