Subject: Re: security flaw in Kerberos?
To: None <>
From: Johan A.van Zanten <>
List: netbsd-users
Date: 09/02/2004 21:21:00
Steve Bellovin <> wrote:
> -- which I assume 
> applies to NetBSD, too, though I haven't verified this.

 I don't think that's a good assumption to make.  NetBSD's Kerberos
 implementation (the implementation that is installed by default with the
 OS) is based on Heimdal, which is a separate distribution of Kerberos
 v5. (It's not the MIT dist. of Kerberos.)  I think it's a complete
 rewrite, but I cannot remember for certain.

 I've done some nominal comparisons of the patches supplied by MIT and
what's in /usr/src/crypto/dist/heimdal, and the patches really don't look

 I believe some of the Heimdal developers read these lists, so perhaps
they can give a more authoritative reply.