FreeBSD : FreeBSD -- heimdal KDC-REP service name validation vulnerability (420243e9-a840-11e7-b5af-a4badb2f4699)
Medium Nessus Plugin ID 103656
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThere is a programming error in the Heimdal implementation that used an unauthenticated, plain-text version of the KDC-REP service name found in a ticket. Impact : An attacker who has control of the network between a client and the service it talks to will be able to impersonate the service, allowing a successful man-in-the-middle (MITM) attack that circumvents the mutual authentication.
SolutionUpdate the affected packages.