Metric | Value |
---|---|
CVSS2 score | 8.5 High |
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | SINGLE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
CVSS2 vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
EPSS score | 0.013 Low |
EPSS percentile | 85.9% |

Kerberos is an authentication system which allows clients and services to
authenticate to each other with the help of a trusted third party, a
Kerberos Key Distribution Center (KDC).

A buffer overflow was found in the KADM5 administration server (kadmind)
when it was used with an LDAP back end for the KDC database. A remote,
authenticated attacker could potentially use this flaw to execute arbitrary
code on the system running kadmind. (CVE-2014-4345)

All krb5 users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, the krb5kdc and kadmind daemons will be restarted
automatically.

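
To confirm that a host has actually received the update, the following added example (not part of the advisory or of Red Hat's tooling) flags krb5 packages whose version-release sorts before the fixed build 1.6.1-80.el5_11. It assumes an inventory in the form produced by `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE} %{ARCH}\n'`, uses a simplified re-implementation of RPM's version comparison, and runs on a constructed sample inventory.

```python
import re

# Fixed version-release and package names, both from the advisory's package table.
FIXED_VR = "1.6.1-80.el5_11"
AFFECTED = {"krb5-libs", "krb5-devel", "krb5-server-ldap",
            "krb5-workstation", "krb5-debuginfo"}
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Segment-wise compare in the style of RPM's rpmvercmp (simplified: no ~ or ^)."""
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)      # numeric segments compare as integers
        elif x.isdigit():
            return 1                   # a numeric segment beats an alphabetic one
        elif y.isdigit():
            return -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))

def is_unpatched(installed_vr, fixed_vr=FIXED_VR):
    """True if the installed version-release sorts before the fixed one."""
    i_ver, _, i_rel = installed_vr.partition("-")
    f_ver, _, f_rel = fixed_vr.partition("-")
    return (rpmvercmp(i_ver, f_ver) or rpmvercmp(i_rel, f_rel)) < 0

def audit(inventory):
    """Return (name, version-release, arch) for affected packages below the fixed build."""
    findings = []
    for line in inventory.splitlines():
        fields = line.split()          # expected: NAME VERSION-RELEASE ARCH
        if len(fields) == 3 and fields[0] in AFFECTED and is_unpatched(fields[1]):
            findings.append(tuple(fields))
    return findings

# Constructed sample inventory (not from the advisory).
SAMPLE = """\
krb5-libs 1.6.1-78.el5 x86_64
krb5-server-ldap 1.6.1-80.el5_11 x86_64
krb5-workstation 1.6.1-70.el5_9.2 x86_64
openssl 0.9.8e-27.el5_10.4 x86_64
"""

if __name__ == "__main__":
    for name, vr, arch in audit(SAMPLE):
        print(f"UNPATCHED {name}-{vr}.{arch} (fixed in {FIXED_VR})")
```
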
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | ppc64 | krb5-devel | < 1.6.1-80.el5_11 | krb5-devel-1.6.1-80.el5_11.ppc64.rpm |
RedHat | 5 | s390 | krb5-libs | < 1.6.1-80.el5_11 | krb5-libs-1.6.1-80.el5_11.s390.rpm |
RedHat | 5 | s390 | krb5-devel | < 1.6.1-80.el5_11 | krb5-devel-1.6.1-80.el5_11.s390.rpm |
RedHat | 5 | x86_64 | krb5-libs | < 1.6.1-80.el5_11 | krb5-libs-1.6.1-80.el5_11.x86_64.rpm |
RedHat | 5 | i386 | krb5-libs | < 1.6.1-80.el5_11 | krb5-libs-1.6.1-80.el5_11.i386.rpm |
RedHat | 5 | x86_64 | krb5-server-ldap | < 1.6.1-80.el5_11 | krb5-server-ldap-1.6.1-80.el5_11.x86_64.rpm |
RedHat | 5 | ppc | krb5-devel | < 1.6.1-80.el5_11 | krb5-devel-1.6.1-80.el5_11.ppc.rpm |
RedHat | 5 | s390x | krb5-debuginfo | < 1.6.1-80.el5_11 | krb5-debuginfo-1.6.1-80.el5_11.s390x.rpm |
RedHat | 5 | x86_64 | krb5-workstation | < 1.6.1-80.el5_11 | krb5-workstation-1.6.1-80.el5_11.x86_64.rpm |
RedHat | 5 | x86_64 | krb5-debuginfo | < 1.6.1-80.el5_11 | krb5-debuginfo-1.6.1-80.el5_11.x86_64.rpm |