Red Hat Inc. Information for VU#885830
MIT Kerberos 5 allows unauthenticated attacker to cause MIT krb5 Key Distribution Center to overflow a heap buffer by one byte
- Vendor Information Help Date Notified: 10 May 2005
- Statement Date:
- Date Updated: 11 Jul 2005
Red Hat, Inc
This issue affects the Kerberos packages shipped with Red Hat Enterprise
Linux. For Red Hat Enterprise Linux 2.1 and Red Hat Enterprise Linux 3
this issue is critical severity. Please see our advisory for more
Red Hat Enterprise Linux 4 contains checks within glibc that detect
double-free flaws. Therefore on Red Hat Enterprise Linux 4 successful
exploitation of this issue can only lead to a denial of service (KDC
crash) which is important severity. Please see our advisory for more
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.