A null pointer dereference flaw was found in the MIT krb5 GSS-API library where certain invalid GSS-API tokens could cause a GSS-API acceptor (server, such as kadmind) to crash. An authenticated remote attacker could take advantage of this flaw to cause GSS-API application servers, that link against the GSS-API library, to crash. This flaw affects all known releases of MIT krb5 up to and including krb5-1.8.1. A patch to correct this is available from http://web.mit.edu/kerberos/advisories/2010-005-patch.txt This issue is known as CVE-2010-1321. Acknowledgements: Red Hat would like to thank the MIT Kerberos Team for responsibly reporting this issue. Upstream acknowledges Shawn Emery of Oracle as the original reporter.
This is now public: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt
krb5-1.6.3-31.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/krb5-1.6.3-31.fc11
krb5-1.7.1-9.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/krb5-1.7.1-9.fc12
krb5-1.7.1-10.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/krb5-1.7.1-10.fc13
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0423 https://rhn.redhat.com/errata/RHSA-2010-0423.html
krb5-1.7.1-10.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
krb5-1.6.3-31.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
krb5-1.7.1-9.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
Update 22 of Oracle/Sun Java also addresses CVE-2010-1321. Reference: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0807 https://rhn.redhat.com/errata/RHSA-2010-0807.html
This issue has been addressed in following products: Extras for Red Hat Enterprise Linux 6 Via RHSA-2010:0873 https://rhn.redhat.com/errata/RHSA-2010-0873.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0935 https://rhn.redhat.com/errata/RHSA-2010-0935.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Extras for Red Hat Enterprise Linux 6 Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2011:0152 https://rhn.redhat.com/errata/RHSA-2011-0152.html
This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Via RHSA-2011:0880 https://rhn.redhat.com/errata/RHSA-2011-0880.html