Oval Definition:oval:com.redhat.rhsa:def:20050045
Revision Date:2005-02-15Version:502
Title:RHSA-2005:045: krb5 security update (Moderate)
Description:Kerberos is a networked authentication system that uses a trusted third party (a KDC) to authenticate clients and servers to each other.

A heap based buffer overflow bug was found in the administration library of Kerberos 1.3.5 and earlier. This bug could allow an authenticated remote attacker to execute arbitrary commands on a realm's master Kerberos KDC. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1189 to this issue.

All users of krb5 should upgrade to these updated packages, which contain backported security patches to resolve these issues.
Family:unixClass:patch
Status:Reference(s):CVE-2004-1189
RHSA-2005:045-01
Platform(s):Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 4 is installed
  • AND Package Information
  • krb5-libs is earlier than 0:1.3.4-10
  • AND krb5-libs is signed with Red Hat master key
  • OR
  • krb5-devel is earlier than 0:1.3.4-10
  • AND krb5-devel is signed with Red Hat master key
  • OR
  • krb5-server is earlier than 0:1.3.4-10
  • AND krb5-server is signed with Red Hat master key
  • OR
  • krb5 is earlier than 0:1.3.4-10
  • AND krb5 is signed with Red Hat master key
  • OR
  • krb5-workstation is earlier than 0:1.3.4-10
  • AND krb5-workstation is signed with Red Hat master key
    • BACK