|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200405-23] Heimdal: Kerberos 4 buffer overflow in kadmin Vulnerability Scan
Vulnerability Scan Summary Heimdal: Kerberos 4 buffer overflow in kadmin
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200405-23
(Heimdal: Kerberos 4 buffer overflow in kadmin)
A buffer overflow was discovered in kadmind, a server for administrative
access to the Kerberos database.
Impact
By sending a specially formatted message to kadmind, a remote attacker may
be able to crash kadmind causing a denial of service, or execute arbitrary
code with the permissions of the kadmind process.
Workaround
For a temporary workaround, providing you do not require Kerberos 4
support, you may turn off Kerberos 4 kadmin by running kadmind with the
--no-kerberos4 option.
References:
http://www.pdc.kth.se/heimdal/advisory/2004-05-06/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0434
Solution:
All Heimdal users should upgrade to the latest stable version:
# emerge sync
# emerge -pv ">=app-crypt/heimdal-0.6.2"
# emerge ">=app-crypt/heimdal-0.6.2"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|