Ubuntu Update For Krb5, Librpcsecgss Vulnerability USN-511-2 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-511-2

Solution

Please Install the Updated Packages.

Insight

USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem. Original advisory details: It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.

Affected

krb5, librpcsecgss vulnerability on Ubuntu 6.06 LTS , Ubuntu 6.10 , Ubuntu 7.04

Severity

Classification

CVE CVE-2007-4743
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for devhelp, epiphany-browser, midbrowser, yelp update USN-626-2
Ubuntu Update for base-files vulnerability USN-968-1
Ubuntu Update for cupsys vulnerabilities USN-598-1
Ubuntu Update for clamav USN-2488-2
Ubuntu Update for avahi vulnerabilities USN-992-1

Ubuntu Update for krb5, librpcsecgss vulnerability USN-511-2

Take action and discover your vulnerabilities