Security 10808 Published by

Red Hat has released an updated krb5 package which fix a remote buffer overflow:

"The Kerberos 5 network authentication system contains an RPC library which includes an XDR decoder derived from Sun's RPC implementation. The Sun implementation was recently demonstrated to be vulnerable to a heap overflow. It is believed that the attacker needs to be able to authenticate to the kadmin daemon for this attack to be successful. No exploits are known to currently exist."

Download