[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Kerberos password authentication issues

Title: Kerberos password authentication issues
Released by:
Date: 28th August 2000
Printable version: Click here
Kerberos password authentication issues


Kerberized programs that perform password authentication may be

vulnerable to an attacker with the ability to spoof KDC responses

(either as a race condition on the LAN, or via DNS cache poisoning,

spoofed ICMP redirects or router advertisments, etc.).

This is an old, well-known issue among Kerberos developers, but with

more application developers adding Kerberos password authentication to

their software (esp. with the advent of such support in Windows 2000),

some review may be necessary.

Standard (undocumented) procedure for Kerberos password authentication

involves the acquisition of a Kerberos ticket-granting ticket (TGT)

using the user's password, verification of the TGT via acquisition of

a service ticket for the host itself, and verification of the service

ticket using the host's key (known only to the host and the real KDC).

However, many programs still allow login in certain exceptional cases,

as described in the BSD klogin.c:


          * If we got a TGT, get a local "rcmd" ticket and check it so

  * as to ensure that we are not talking to a bogus Kerberos server.


          * There are 2 cases where we still allow a login:

          *      1: the VERIFY_SERVICE doesn't exist in the KDC

          *      2: local host has no srvtab, as (hopefully) indicated by a

          *         return value of RD_AP_UNDEC from krb_rd_req().


Such cases are commonplace in large Kerberos realms with poorly

centralized administrative control, where participating hosts don't

always get keys, much less keytabs installed containing them.

The correct, arguably draconian behaviour is to simply disallow login

for these cases instead (as OpenBSD does). Programs without access to

the host's keytab, however, will always be vulnerable to such an

attack, as they have no way to verify the validity of a KDC reply.

Microsoft Kerberos v5 domain login in Windows 2000 is not vulnerable

to this attack, as it requires the recovery of authorization data in

the decrypted service ticket acquired with the TGT.

Demonstration code to perform Kerberos v4, v5, and AFS KDC AS spoofing:





(C) 1999-2000 All rights reserved.