USN-755-1: Kerberos vulnerabilities

07 April 2009

Kerberos vulnerabilities

Releases

Packages

Details

Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines
that did not correctly handle certain requests. An unauthenticated remote
attacker could send specially crafted traffic to crash services using
the Kerberos library, leading to a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.10
Ubuntu 8.04
Ubuntu 7.10
Ubuntu 6.06

After a standard system upgrade you need to restart any services using
the Kerberos libraries to effect the necessary changes.