Kerberos bypass, login theft bug slain by Microsoft, Linux slingers

LinuxSecurity.com: A vulnerability hidden in Kerberos code for more than 20 years met its end in patches issued this week by Microsoft and several Linux vendors. Having found the flaw three months ago in Heimdal, an open-source implementation of Kerberos, Jeffrey Altman, founder of AuriStor, and Viktor Dukhovni and Nicolas Williams from Two Sigma Investments, dubbed the bug Orpheus’ Lyre.

From: Linux Security

Share