Problem Description:
There is a programming error in the Heimdal implementation
that used an unauthenticated, plain-text version of the
KDC-REP service name found in a ticket.
Impact:
An attacker who has control of the network between a
client and the service it talks to will be able to impersonate
the service, allowing a successful man-in-the-middle (MITM)
attack that circumvents the mutual authentication.