Bug 77004
Summary: | Buffer overflow in kadmind4 supplied with krb5 | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | jian liu <jian.liu> |
Component: | krb5 | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.2 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
URL: | http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2002-11-01 17:40:13 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
jian liu
2002-10-30 20:23:06 UTC
Releases of Red Hat Linux version 6.2 and higher include versions of MIT Kerberos that are vulnerable to this issue; however the vulnerable administration server, kadmind4, has never been enabled by default. We are currently working on producing errata packages. When complete these will be available along with our advisory at the URL below. At the same time users of the Red Hat Network will be able to update their systems using the 'up2date' tool. http://rhn.redhat.com/errata/RHSA-2002-242.html |