
Kerberos flaw found

By Alastair Otter, Journalist, Tectonic
Johannesburg, 28 Oct 2002

The widely used Kerberos authentication protocol has a flaw that could be exploited by malicious hackers, according to TheRegister. The issue is believed to be serious and at least one exploit is known to exist "in the wild". The hole, which affects MIT Kerberos 5 up to and including krb5-1.2.6 and all Kerberos 4 versions, potentially allows malicious users to gain root access to authentication servers.

A stack buffer overflow in the Kerberos version 4 compatibility administration daemon (kadmind4) supplied with MIT krb5 has been identified as the root cause of the problem. The kadmind4 daemon is intended for use at sites that require compatibility with legacy administrative clients. Sites that do not have this requirement are not likely to be running this daemon.

Kerberos, which was developed by MIT, is a widely used means for securely authenticating a request for a service in a computer network. [TheRegister]

Sun joins WS-I board

In a move that may signal the end of hostilities over Web services standards, Sun Microsystems has joined the Web Services Interoperability (WS-I) board, a body backed primarily by IBM and Microsoft. According to CBROnline, the company says it joined WS-I as a result of requests from analysts, the media and WS-I members.

Joining the WS-I organisation ends months of tension between Sun and the other WS-I members. The company initiated its campaign to become a board member earlier this year, after the WS-I was founded, without Sun, in February by 50 organisations. The company called its exclusion "inconceivable", while Microsoft said it could see no need to expand the board and in so doing, allow Sun to join. Things worsened in April, when Sun cast doubts over the agenda of certain WS-I members, in particular IBM. Sun said it was likely that IBM would try to exact royalties from patented technologies that it allowed to be used in the WS-I's work. [CBROnline]

HP plans dual-core Itanium

Intel does not plan to get dual-core 64-bit Itanium processors into the field until sometime in the middle of this decade. HP, which has staked its future on the Itaniums, can't sit around and wait for Intel while its competitors all deliver or ready their own dual-core processors for enterprise servers. This is why HP is planning to deliver a dual-core PA-8800 next year. HP appears to have figured out a way to package two Itanium chips together in a single package so they can plug into one slot.

It's not two cores on a single chip, but two processors side-by-side, sharing one slot and a single L2 cache memory. This will allow HP to double the SMP scalability of its servers without having to significantly re-engineer its server platforms.

IBM was the first to market with a dual-core processor, with the 1.1GHz and 1.3GHz Power4 chips that made their debut in the pSeries 690 server in October 2001. That chip includes two full Power4 cores, a shared 1.5MB L1/L2 cache, and the interconnection electronics to create an eight-way SMP module from four Power4 chips, all packaged on a single multi-chip module. Both Sun and HP are known to be working on dual-core chips in their respective UltraSparc and PA-RISC processors. [CBROnline]
