Sun Alert 256728 Multiple Security Vulnerabilities in the Solaris Kerberos 'Mech' Libraries May Lead To Execution of Arbitrary Code, Unauthorized Access to Data or a Denial of Service (DoS) Condition

Product: Sun Enterprise Authentication Mechanism 1.0.1 Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

Multiple security vulnerabilities in the Solaris Kerberos (see kerberos(5)) mech_krb5 library and the mech_spnego(5) library may allow remote unprivileged users to cause certain Kerberos applications and daemons, including the Kerberos administration daemon (kadmind(1M)) to crash. These issues may also lead to unauthorized information disclosure and execution of arbitrary code with the privileges of the root user.

These issues are also described in the following documents:


These issues are also described in the following documents:


State: Resolved
First released: 07-Apr-2009
Comments:

Post a Comment:
Comments are closed for this entry.
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today