Kerberos IV brute force

Risk Level: Medium

Check or Attack Name: kerbbf

Platforms: Kerberos: IV

Description:

The Kerberos IV Brute Force attack relies on the fact that the Kerberos IV Key Distribution Center (KDC) lets anyone request a ticket-granting ticket. Because certain parts of the ticket contents are known, and the ticket is encrypted with the user's password, attackers can mount a brute force attack on the KDC.

Remedy:

Obtain the latest Kerberos distribution from the Kerberos information site at http://web.mit.edu/network/kerberos-form.html.

References:

Massachusetts Institute of Technology, Kerberos: The Network Authentication Protocol, http://web.mit.edu/kerberos/www/

CERT Advisory CA-96.03, Vulnerability in Kerberos 4 Key Server, http://www.cert.org/advisories/CA-96.03.kerberos_4_key_server.html

