krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)
It was found that the MIT Kerberos administration server kadmind incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal such as "kad/x" could use this flaw to impersonate any user t...