The remote host is missing an update to krb5 announced via advisory FEDORA-2009-2852.
Apply the appropriate updates. This update can be installed with the yum update program. Use
    su -c 'yum update krb5'
at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2852
Update Information:
This update incorporates patches to fix potential read overflow and NULL pointer dereferences in the implementation of the SPNEGO GSSAPI mechanism (CVE-2009-0844, CVE-2009-0845), attempts to free an uninitialized pointer during protocol parsing (CVE-2009-0846), and a bug in length validation during protocol parsing (CVE-2009-0847).

ChangeLog:
* Tue Apr 7 2009 Nalin Dahyabhai 1.6.3-18
- add patches for read overflow and null pointer dereference in the implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845)
- add patch for attempt to free uninitialized pointer in libkrb5 (CVE-2009-0846)
- add patch to fix length validation bug in libkrb5 (CVE-2009-0847)
* Tue Mar 17 2009 Nalin Dahyabhai 1.6.3-17
- libgssapi_krb5: backport fix for some errors which can occur when we fail to set up the server half of a context (CVE-2009-0845)
CVE: CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847
CVSS Base Score: 10.0