Your submission was sent successfully! Close

USN-755-1: Kerberos vulnerabilities

7 April 2009

Kerberos vulnerabilities




Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines
that did not correctly handle certain requests. An unauthenticated remote
attacker could send specially crafted traffic to crash services using
the Kerberos library, leading to a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.10
Ubuntu 8.04
Ubuntu 7.10
Ubuntu 6.06

After a standard system upgrade you need to restart any services using
the Kerberos libraries to effect the necessary changes.