Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

openSUSE 11.4/11.3: 2012:0051-1 Important: krb5-appl Remote Execution

opensuse
Calendar Grey January 5, 2012
Dist Opensuse Esm H88
Important Ubuntu patch fixes gdm3 memory leak vulnerability impacting greeter. Update your systems immediately!
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is ...

Description

This update of krb5 applications fixes two security issues.

CVE-2011-4862: A remote code execution in the kerberized

telnet daemon was fixed. (This only affects the ktelnetd

from the krb5-appl RPM, not the regular telnetd supplied by

SUSE.)

CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd

unauthorized file access problems.

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch krb5-appl-5593

- openSUSE 11.3:

zypper in -t patch krb5-appl-5593

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64):

krb5-appl-clients-1.0-7.12.1

krb5-appl-servers-1.0-7.12.1

- openSUSE 11.3 (i586 x86_64):

krb5-appl-clients-1.0-4.5.1

krb5-appl-servers-1.0-4.5.1

References

https://www.suse.com/security/cve/CVE-2011-4862.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2012:0051-1
Rating: important
Affected Products: openSUSE 11.4 openSUSE 11.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.