Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 Heimdal Kerberos 'kadmind' Buffer Overflow Lets Remote Users Execute Arbitrary Code With Root Privileges
Categorie: Vulnerability
Posted: 2002-10-24 by ReCall
Views: 326
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
<b>Description:</b> A buffer overflow vulnerability was reported in 'kadmind', the administrative access server for the Kerberos database in the Heimdal distribution. A remote user may be able to execute arbitrary code on the system with root level privileges.



It is reported that kadmind in Heimdal releases earlier than 0.5.1 has a buffer overflow in the kerberos version 4 compatibility code. If compiled with support for the Kerberos 4 kadmin protocol, kadmind is vulnerable.



A remote user can cause arbitrary code to be executed with root level privileges.



To determine if kadmind is vulnerable you can run:



# /usr/heimdal/libexec/kadmind --version

kadmind (Heimdal 0.5.1, KTH-KRB 1.2)

Copyright (c) 1999-2002 Kungliga Tekniska H gskolan

Send bug-reports to heimdal-bugs@pdc.kth.se



Non-vulnerable versions reportedly include Heimdal 0.5.1 and binaries that do *not* show a Kerberos 4 version string (KTH- KRB 1.2 in the example).



Impact: A remote user can execute arbitrary code with root privileges to gain root access on the system.



<b>Solution:</b> The vendor has released a fixed version (0.5.1), available at:



ftp://ftp.pdc.kth.se/pub/heimdal/src



If you are running a version older than 0.5.1 and have Kerberos 4 support enabled in kadmind, the vendor indicates that you should disable it until you have time to upgrade.
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=127

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES