Ubuntu Update For Krb5 Vulnerabilities USN-916-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-916-1

Solution

Please Install the Updated Packages.

Insight

Emmanuel Bouillon discovered that Kerberos did not correctly handle certain message types. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC to crash, leading to a denial of service. (CVE-2010-0283) Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz discovered that Kerberos did not correctly handle certain GSS packets. An unauthenticated remote attacker could send specially crafted traffic that would cause services using GSS-API to crash, leading to a denial of service. (CVE-2010-0628)

Affected

krb5 vulnerabilities on Ubuntu 9.10

Severity

Classification

CVE CVE-2010-0283, CVE-2010-0628
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Ubuntu Update for dhcp vulnerability USN-531-1
Ubuntu Update for bash USN-2362-1
Ubuntu Update for bash USN-2363-2
Ubuntu Update for eglibc USN-1396-1
Ubuntu Update for ffmpeg vulnerability USN-630-1

Ubuntu Update for krb5 vulnerabilities USN-916-1

Take action and discover your vulnerabilities