Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200405-23] Heimdal: Kerberos 4 buffer overflow in kadmin Vulnerability Scan
Vulnerability Scan Summary
Heimdal: Kerberos 4 buffer overflow in kadmin
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200405-23
(Heimdal: Kerberos 4 buffer overflow in kadmin)
A buffer overflow was discovered in kadmind, a server for administrative
access to the Kerberos database.
By sending a specially formatted message to kadmind, a remote attacker may
be able to crash kadmind causing a denial of service, or execute arbitrary
code with the permissions of the kadmind process.
For a temporary workaround, providing you do not require Kerberos 4
support, you may turn off Kerberos 4 kadmin by running kadmind with the
All Heimdal users should upgrade to the latest stable version:
# emerge sync
# emerge -pv ">=app-crypt/heimdal-0.6.2"
# emerge ">=app-crypt/heimdal-0.6.2"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.