KTH Kerberos Telnet implementations do not strictly enforce client encryption request

Overview A vulnerability exists in the KTH Kerberos IV and Kerberos V Heimdal Telnet implementations. When a KTH Kerberos Telnet client requests data encryption and the server does not appear to support it, the client will establish the connection using no encryption. A properly located attacker...