Letter K

krb5-pkinit - The PKINIT module for Kerberos 5

Website: http://web.mit.edu/kerberos/www/
License: MIT
Vendor: Fedora Project
Description:


Kerberos is a network authentication system. The krb5-pkinit
package contains the PKINIT plugin, which allows clients
to obtain initial credentials from a KDC using a private key and a
certificate.

Packages

krb5-pkinit-1.13.1-3.fc22.i686 [150 KiB] Changelog by Roland Mainz (2015-05-04):
- fix for CVE-2015-2694 (#1216133) "requires_preauth bypass
  in PKINIT-enabled KDC".
  In MIT krb5 1.12 and later, when the KDC is configured with
  PKINIT support, an unauthenticated remote attacker can
  bypass the requires_preauth flag on a client principal and
  obtain a ciphertext encrypted in the principal's long-term
  key.  This ciphertext could be used to conduct an off-line
  dictionary attack against the user's password.

Listing created by Repoview-0.6.6-6.fc21