Scientific Linux SL6.x Moderate: CVE-2011-0285 krb5 Remote Attack

Apr 15, 2011 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory remote attack moderate severity krb5 scientific linux

Moderate: krb5 security update

Date: Fri, 15 Apr 2011 10:05:52 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA Moderate: krb5 on SL6.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."

MIME-Version: 1.0

Synopsis:	Moderate: krb5 security update
Issue date:	2011-04-14
CVE Names:	CVE-2011-0285

An invalid free flaw was found in the password-changing capability of
the MIT Kerberos administration daemon, kadmind. A remote,
unauthenticated attacker could use this flaw to cause kadmind to abort
via a specially-crafted request. (CVE-2011-0285)

After installing the updated packages, the kadmind daemon will be
restarted automatically.

SL 6.x

 SRPMS:
krb5-1.8.2-3.el6_0.7.src.rpm
 i386:
krb5-devel-1.8.2-3.el6_0.7.i686.rpm
krb5-libs-1.8.2-3.el6_0.7.i686.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.7.i686.rpm
krb5-server-1.8.2-3.el6_0.7.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.7.i686.rpm
krb5-workstation-1.8.2-3.el6_0.7.i686.rpm
 x86_64:
krb5-devel-1.8.2-3.el6_0.7.i686.rpm
krb5-devel-1.8.2-3.el6_0.7.x86_64.rpm
krb5-libs-1.8.2-3.el6_0.7.i686.rpm
krb5-libs-1.8.2-3.el6_0.7.x86_64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.7.x86_64.rpm
krb5-server-1.8.2-3.el6_0.7.x86_64.rpm
krb5-server-ldap-1.8.2-3.el6_0.7.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.7.x86_64.rpm
krb5-workstation-1.8.2-3.el6_0.7.x86_64.rpm

- Scientific Linux Development Team

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here