Debian Information for VU#686862
MIT Kerberos 5 krb5_aname_to_localname() contains several heap overflows
- Vendor Information Help Date Notified: 02 Jun 2004
- Statement Date:
- Date Updated: 03 Jun 2004
It's a very low impact bug in aggrigate because the configuration is not the default and is poorly documented.
This problem is present in the version of Kerberos in woody.
Debian will release updated packages shortly.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.