2 matches found
Astra Linux – Vulnerability in freeipa
A vulnerability was discovered in FreeIPA regarding the initial implementation of MS-SFU by MIT Kerberos. This implementation lacked a condition for granting the “forwardable” flag on S4U2Self tickets. Fixing this issue required adding a special case for the checkallowedtodelegate function: If th...
freeipa: delegation rules allow a proxy service to impersonate any user to access another target service
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the checkallowedtodelegate function: If the target service...