FreeBSD Information for VU#759265
Kerberos client code buffer overflow in kdc_reply_cipher()
- Vendor Information Help Date Notified: 11 Dec 2000
- Statement Date:
- Date Updated: 14 Dec 2000
Status
Affected
Vendor Statement
FreeBSD includes the externally maintained KTH Kerberos software as an optional component of the FreeBSD base system. Therefore, systems which have installed the Kerberos 4 components are vulnerable to these problems as described in the CERT advisory. Patches have been committed to the FreeBSD source tree and an advisory will be released shortly detailing the precise impact on vulnerable FreeBSD systems.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.