Packages
- krb5 -
Details
It was discovered that krb5 did not correctly handle certain krb4
requests. An unauthenticated remote attacker could exploit this flaw
by sending a specially crafted traffic, which could expose sensitive
information, cause a crash, or execute arbitrary code. (CVE-2008-0062,
CVE-2008-0063)
A flaw was discovered in the kadmind service's handling of file
descriptors. An unauthenticated remote attacker could send specially
crafted requests that would cause a crash, resulting in a denial of
service. Only systems with configurations allowing large numbers of
open file descriptors were vulnerable. (CVE-2008-0947)
It was discovered that krb5 did not correctly handle certain krb4
requests. An unauthenticated remote attacker could exploit this flaw
by sending a specially crafted traffic, which could expose sensitive
information, cause a crash, or execute arbitrary code. (CVE-2008-0062,
CVE-2008-0063)
A flaw was discovered in the kadmind service's handling of file
descriptors. An unauthenticated remote attacker could send specially
crafted requests that would cause a crash, resulting in a denial of
service. Only systems with configurations allowing large numbers of
open file descriptors were vulnerable. (CVE-2008-0947)
Update instructions
In general, a standard system upgrade is sufficient to effect the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 7.10 gutsy | libkrb53 – 1.6.dfsg.1-7ubuntu0.1 | ||
| libkadm55 – 1.6.dfsg.1-7ubuntu0.1 | |||
| 7.04 feisty | libkrb53 – 1.4.4-5ubuntu3.4 | ||
| libkadm55 – 1.4.4-5ubuntu3.4 | |||
| 6.10 edgy | libkrb53 – 1.4.3-9ubuntu1.6 | ||
| libkadm55 – 1.4.3-9ubuntu1.6 | |||
| 6.06 dapper | libkrb53 – 1.4.3-5ubuntu0.7 | ||
| libkadm55 – 1.4.3-5ubuntu0.7 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.