Download Firefox: WindowsMac OS X
logo       
Google Custom Search
    AddThis Social Bookmark Button
<prev   next>

inetutils/telnet commands.c: msg#00000

Subject: inetutils/telnet commands.c 
CVSROOT:        /cvsroot/inetutils
Module name:    inetutils
Branch:         
Changes by:     Sergey Poznyakoff <gray@xxxxxxxxxxxxxxxxxx>     03/08/31 
18:31:59

Modified files:
        telnet         : commands.c 

Log message:
        (tn): Don't set hostname to DNS canonicalized value.
        Attackers may control DNS and fool the Kerberos authentication
        code to use the wrong realm for the server, and consequently the
        wrong KDC for the server, which the attackers could also control.
        Ultimately the attacker can fool the server authentication check
        in the client.
        
        Patch by Simon Josefsson <jas@xxxxxxxxxxx>

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/inetutils/inetutils/telnet/commands.c.diff?tr1=1.16&tr2=1.17&r1=text&r2=text
<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  inetutils/telnet ChangeLog, Sergey Poznyakoff
Next by Thread:  inetutils/telnet ChangeLog, Sergey Poznyakoff
Indexes:  [Date] [Thread] [Top] [All Lists]

    ^^^ ADDITIONAL NAVIGATION ^^^

  
Google Custom Search

Recently Viewed:
yellowdog.gener...    python.sqlalche...    culture.studies...    ietf.tsvwg/2002...    java.mule.devel...    netbsd.ports.dr...    user-groups.lin...    gnu.core-utils....    kde.users.multi...    qnx.openqnx.dev...    systems.archos....    text.xml.xtm.tm...    mail.qpsmtpd/20...    audio.csound.de...    linux.jpackage....    freebsd.chat/20...    drivers.eepro10...    org.user-groups...    xfree86.newbie/...    hardware.microc...    editors.tex.tex...    voip.wengophone...    web.eprints.dev...    boot-loaders.gr...   
Home | blog view, Court Document Archive | USPTO Patent Archive (NEW!) | advertise | OSDir is an inevitable website. super tiny logo