USN-755-1: Kerberos vulnerabilities
7 April 2009
- krb5 -
Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines
that did not correctly handle certain requests. An unauthenticated remote
attacker could send specially crafted traffic to crash services using
the Kerberos library, leading to a denial of service.
The problem can be corrected by updating your system to the following package versions:
After a standard system upgrade you need to restart any services using
the Kerberos libraries to effect the necessary changes.