On Thu, Sep 06, 2007 at 08:55:47AM -0400, Edgecombe, Jason wrote: > Hi All, > Does kpasswd use the kadmin protocol? I'm just looking at options for > mitigating the vulnerability.
The Solaris kpasswd will use either the kadmin password or the kpasswd protocol. I don't recall if the same is true for the MIT kpasswd. But both protocols are served by the same kadmind binary. To mitigate the issue you can setup a packet filter that blocks connections to the kadmin port. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
