Mandriva Linux Security Advisory 2010-245 - A vulnerability was discovered and corrected in krb5. An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some circumstances, this can negate the incremental security benefit of using a single-use authentication mechanism token. An unauthenticated remote attacker has a 1/256 chance of forging KRB-SAFE messages in an application protocol if the targeted pre-existing session uses an RC4 session key. Few application protocols use KRB-SAFE messages.
c1eb3def1ba7ba3f94fbeddefddd6d6b778fe703923015422bedd0977a5d2938