On Mon, Nov 16, 2020 at 10:48 AM Luke Hebert wrote:
> We've just started encountering problems at customer sites with
> Kerberos enabled clients as a result of how Microsoft appears to be
> approaching CVE-2020-17049
> <https://cve.mitre.org/cgi-bin/cvename.cgi?name=
: kerberos-boun...@mit.edu on behalf of Jeffrey
Altman
Sent: Tuesday, November 17, 2020 1:51 PM
To: Greg Hudson (ghud...@mit.edu); Robbie Harwood (rharw...@redhat.com);
kerberos@mit.edu
Subject: Re: CVE-2020-17049
On 11/17/2020 1:26 PM, Greg Hudson (ghud...@mit.edu) wrote:
> On 11/17/20 12:5
On 11/17/2020 1:26 PM, Greg Hudson (ghud...@mit.edu) wrote:
> On 11/17/20 12:53 PM, Jeffrey Altman wrote:
>> Just to set the record straight, Kerberos service tickets have never
>> been renewable unless they were obtained as initial tickets. Only
>> TGTs are renewable. This is true for MIT and He
On 11/17/20 12:53 PM, Jeffrey Altman wrote:
> Just to set the record straight, Kerberos service tickets have never
> been renewable unless they were obtained as initial tickets. Only
> TGTs are renewable. This is true for MIT and Heimdal as well as
> Active Directory.
Both initial and non-initia
unsubscribe
On Mon, Nov 16, 2020 at 10:58 AM Luke Hebert wrote:
> Hi,
>
> We've just started encountering problems at customer sites with Kerberos
> enabled clients as a result of how Microsoft appears to be approaching
> CVE-2020-17049
> <https://cve.mitre.org/cgi-bin
On 11/17/2020 12:16 PM, Robbie Harwood (rharw...@redhat.com) wrote:
> Luke Hebert writes:
>
>> Hi,
>> Disabling service
>> ticket and tgt renewability is not great and it obviously breaks long
>> running processes that rely on renewability of these items.
Just to set the record straight, Kerbero
Luke Hebert writes:
> Hi,
>
> We've just started encountering problems at customer sites with Kerberos
> enabled clients as a result of how Microsoft appears to be approaching
> CVE-2020-17049
> <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17049>. The
&
Hi,
We've just started encountering problems at customer sites with Kerberos
enabled clients as a result of how Microsoft appears to be approaching
CVE-2020-17049
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17049>. The
details on this CVE are slim on Mitre and there is a s