Patch: Kerberos Administration Daemon

Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. Remote attackers have exploited this vulnerability to gain root privileges on vulnerable systems.

Vulnerable systems are MIT Kerberos versions 4 and 5 up to and including krb5-1.2.6, KTH eBones prior to version 1.2.1, KTH Heimdal prior to version 0.5.1, and Kerberos implementations derived from vulnerable MIT or KTH code.

For a patch, click here.
