CVE-2020-17049 is not only bypass acount is sensitive. You *CAN* obtain tickets with "Kerberos only delegation", not only with "protocol transition" Pre-requiste are still important, but attack surface is a little bit bigger :) Sorry for bad message @jakekarnes42

4:18 PM · Dec 10, 2020

2
51
165
I deleted previous tweets, cause I was wrong, and I do not want people to get wrong messages because of it. I suppose my 2016 test domain November update was enough to limit the scope?
1
0
12
Indeed it was , was focused on technical not on real release of updates 😬
0
0
2