Red Hat Bugzilla – Bug 143443
CAN-2004-1189 heap buffer overflow in password history mechanism [MITKRB5-SA-2004-004]
Last modified: 2007-11-30 17:10:57 EST
Probably also affects RHEL!
From Security Advisory:
The MIT Kerberos 5 administration library (libkadm5srv) contains a
heap buffer overflow in password history handling code which could be
exploited to execute arbitrary code on a Key Distribution Center (KDC)
host. The overflow occurs during a password change of a principal
with a certain password history state. An administrator must have
performed a certain password policy change in order to create the
An authenticated user, not necessarily one with administrative
privileges, could execute arbitrary code on the KDC host, compromising
an entire Kerberos realm.
*** This bug has been marked as a duplicate of 142904 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.