KTH Kerberos Development Team Affected

Notified:  December 17, 2001 Updated: December 20, 2001

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

MIT Kerberos Development Team Not Affected

Notified:  December 18, 2001 Updated: February 10, 2002

Status

Not Affected

Vendor Statement

MIT Kerberos Telnet enforces the client's request to use encryption and aborts the connection if authentication or encryption cannot be negotiated.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.