Known Bugs in Kerberos 5 Release 1.0
Please check the main Kerberos page; some of these problems may have
been fixed in more recent releases.
- There are serious buffer overrun vulnerabilities in the krb4
compat code. See the advisories page for details.
- The gssrpc library has symbol collisions with the rpc library in
some of the libcs in certain operating systems without shared
libraries, notably some ports of NetBSD and MkLinux. For those
platforms which have rpc in libc and also contain NIS in libc,
compiling with static libraries will not work because of this
conflict. NetBSD users can either upgrade to the current tree, which
includes shared libraries for more ports, choose not to build kadmind
or kadmin, or recompile NetBSD without NIS support. MkLinux users
must either recompile without NIS or not build the administration
system.
- There are some problems with the login program locating programs
on some BSD systems.
- A host security problem with ksu has come to our
attention. This problem is fixed in the 1.1.1 release. A 1.0.7
release is in beta testing, for sites that are for one reason or
another unable to update to 1.1.1 or later (though we'd like to know
why, since we'd rather have you run the later code).
$Id: known-bugs.html,v 1.7 2000/05/17 20:42:41 tlyu Exp $
For comments/suggestions about this page, mail:
krbcore@mit.edu