lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 30 Aug 2005 18:00:22 +0100
From: "Andrew McCullough" <amccullough@...eus.co.uk>
To: <bugtraq@...urityfocus.com>
Subject: MS05-042 Security Update Problems


Hello All,

Has anyone else experienced problems after applying the Kerberos
Security Update? We're running 2k3 server (Enterprise) as a DC with
standard application set. Following the application of this patch we
started seeing Kerberos and KDC issues. Once the patch had been applied
we started seeing KDC (event ID 7) errors - "The Security Account
Manager failed a KDC request in an unexpected way" and this error
repeated for each DC on our domain.

Following this, we started seeing Kerberos errors - Kerberos (event ID
4) - The Kerberos client received a KRB_AP_ERR_MODIFIED error from the
server computername. The target name was cifs/anothercomputer. This
indicates that the password used to encrypt the Kerberos service ticket
is different than that on the target server.

This error had not appeared previously and no changes had been made to
the mentioned computer or the target.

We also experienced issues with a fileserver local to this DC being
unable to print - presumably due to being unable to authenticate printer
users. 

Having removed the Kerberos patch from the problem DC all appears to
have returned to normal, however we'd like to know if anyone else has
had this problem or if there are any ways to resolve the issues we had?

Thanks in advance,

Andy McCullough
Information Technology & Telecommunications
WorkDirections UK
Email: amccullough@...kdirections.co.uk


Andrew McCullough
Information Technology & Telecommunications
WorkDirections UK
Email: amccullough@...kdirections.co.uk
 


**********************************************************************
The information, including attachments, contained in this e-mail is confidential and may be subject to legal professional privilege. It is intended solely for the addressee. If you receive this e-mail by mistake please promptly inform us by reply e-mail and then delete the e-mail and destroy any printed copy. You must not disclose or use in any way the information in the e-mail. 



There is no warranty that this email is error or virus free. It may be a private communication, and if so, does not represent the views of the Ingeus Group of Companies or its management. If it is a private communication, care should be taken in opening it to ensure that undue offence is not given.

**********************************************************************

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ