Patch: Kerberos Administration Daemon

Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. Remote attackers have exploited this vulnerability to gain root privileges on vulnerable systems.

Vulnerable systems are MIT Kerberos versions 4 and 5 up to and including krb5-1.2.6, KTH eBones prior to version 1.2.1, KTH Heimdal prior to version 0.5.1, and Kerberos implementations derived from vulnerable MIT or KTH code.

For a patch, click here.
