nOf
the 32 seed bits, only 20 bits really change with any frequency, so Kerberos
v4 keys (in the MIT implementation) only have 20 bits of randomness
nThey
could be brute-force discovered in seconds
nThe
hole was in the MIT Kerberos sources for seven years!