

Critical security flaws found in Kerberos


September 2, 2004

Security vulnerabilities in a technology widely used for network authentication have left computers running Unix, Linux and Mac OS X potentially open to an Internet attack. The security flaws could allow an online intruder to gain access to computers running a security feature known as Kerberos.

The vulnerabilities, found by developers on the Kerberos Team at the Massachusetts Institute of Technology, should be patched as soon as possible, Sam Hartman, engineering lead for the team, said Wednesday.

"I would not expect this to lead to a worm," Hartman said. "Most sites will patch it because patching is easy to do. Whereas, if you do have a compromise, it is a lot of work to recover."

Kerberos is the keystone to security for many networks. The software essentially acts as a gatekeeper, identifying the people who are allowed to access computers in the network and those who are not. That makes the software flaws particularly pernicious.

The flaws, known as double-free vulnerabilities, occur when a part of the program attempts to free the same region of computer memory twice. Such errors are not as easy to take advantage of as another, more common memory error, the buffer overflow. That gives administrators a little breathing room, Hartman said.

"We have no reason to believe that anyone has produced an exploit program," he said. "Moreover, this is not something where we have seen an attack in the wild."

Kerberos is a building block of many network security devices and software. Microsoft uses the mechanism to control security in its Active Directory authentication. However, the company uses a homegrown version of Kerberos that is not affected by the flaws, Hartman said.

However, Sun Microsystems' Solaris, Linux from Red Hat and Mandrake, and OS X all use Kerberos. Some companies, such as Red Hat, have announced patches for the problem, but not all have.

Even if a worm may not be created to exploit the flaws, administrators need to patch the issue as soon as possible, said Alfred Huger, senior director for security at network protection firm Symantec. "We see a lot of it in customer environments," he said. "It is very common."

Busy company IT managers frequently will not place high priority on vulnerabilities that have not been exploited by hackers. Yet, Huger stressed that thinking that way is asking for trouble.

"A worm likely won't be created using this flaw, but that means that it may stay unpatched, and that is really dangerous, especially with something that serves up your authentication," he said.

The Computer Emergency Response Team coordinated the Kerberos advisory, MIT's Hartman said.

The publication of the advisory went much more smoothly than a year ago, when another flaw in Kerberos was found. That information was leaked early by an unknown person who claimed to have access to the network.

Administrators should check their operating system vendor's Web site for more information on the recent flaws.

Source: C-Net News

