Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 551
Alerts This Week
Warning Icon 1 551

Scientific Linux SL5: SLSA-2014:1255-1 Moderate KRB5 Buffer Overflow

Scientific Large Esm H446
Moderate: krb5 security update
Date: Mon, 13 Oct 2014 17:51:38 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Bonnie King 
Subject: Security ERRATA Moderate: krb5 on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: krb5 security update
Advisory ID: SLSA-2014:1255-1
Issue Date: 2014-09-17
CVE Numbers: CVE-2014-4345
--

A buffer overflow was found in the KADM5 administration server (kadmind)
when it was used with an LDAP back end for the KDC database. A remote,
authenticated attacker could potentially use this flaw to execute
arbitrary code on the system running kadmind. (CVE-2014-4345)

After installing the updated packages, the krb5kdc and kadmind daemons
will be restarted automatically.
--

SL5
 x86_64
 krb5-debuginfo-1.6.1-80.el5_11.i386.rpm
 krb5-debuginfo-1.6.1-80.el5_11.x86_64.rpm
 krb5-libs-1.6.1-80.el5_11.i386.rpm
 krb5-libs-1.6.1-80.el5_11.x86_64.rpm
 krb5-workstation-1.6.1-80.el5_11.x86_64.rpm
 krb5-devel-1.6.1-80.el5_11.i386.rpm
 krb5-devel-1.6.1-80.el5_11.x86_64.rpm
 krb5-server-1.6.1-80.el5_11.x86_64.rpm
 krb5-server-ldap-1.6.1-80.el5_11.x86_64.rpm
 i386
 krb5-debuginfo-1.6.1-80.el5_11.i386.rpm
 krb5-libs-1.6.1-80.el5_11.i386.rpm
 krb5-workstation-1.6.1-80.el5_11.i386.rpm
 krb5-devel-1.6.1-80.el5_11.i386.rpm
 krb5-server-1.6.1-80.el5_11.i386.rpm
 krb5-server-ldap-1.6.1-80.el5_11.i386.rpm

- Scientific Linux Development Team