Kerberos: Moderate Security Update
Users of Kerberos please be advised of a Moderate security update that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
RHSA-2010:0926-01: [RHSA-2010:0926-01] Moderate: krb5 security update
Product: Red Hat Enterprise Linux
Synopsis: Moderate: krb5 security update
3. Description:Kerberos is a network authentication system which allows clients and
servers to authenticate to each other using symmetric encryption and a
trusted third party, the Key Distribution Center (KDC).Multiple checksum validation flaws were discovered in the MIT Kerberos
implementation. A remote attacker could use these flaws to tamper with
certain Kerberos protocol packets and, possibly, bypass authentication
mechanisms in certain configurations using Single-use Authentication
Mechanisms. (CVE-2010-1323)
All krb5 users should upgrade to these updated packages, which contain a
backported patch to correct these issues. After installing the updated
packages, the krb5kdc daemon will be restarted automatically.
Reply