Attacking and Fixing the Microsoft Windows Kerberos Login Service
The paper implemented a recent attack, called pass-the-ticket, and tested it on various real Kerberos implementations. The attack allows a malicious user to physically log in as a different user on a target host, under the assumption that the attacker is able to mount a man-in-the-middle attack between the attacked host and the Kerberos server. The results show that all recent Microsoft Windows operating systems are vulnerable to the attack, while the MIT Kerberos implementation version 1.6.3, tested on Linux, is not. The vulnerability has been reported through CERT to Microsoft, which will fix it in the next service pack.