USN-1290-1: Kerberos vulnerability
8 December 2011
The Kerberos Key Distribution Center (KDC) could be made to crash.
Releases
Packages
- krb5 - MIT Kerberos Network Authentication Protocol
Details
Simo Sorce discovered that a NULL pointer dereference existed in
the Kerberos Key Distribution Center (KDC). An authenticated remote
attacker could use this to cause a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10
In general, a standard system update will make all the necessary changes.