2018-07-26 15:00:00
redhat
PUBLISHED
An authentication bypass flaw was found in the way krb5s certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.