Sunday, July 25, 2010

Ubuntu Security Notice : USN-940-2 Kerberos vulnerability

Users of Ubuntu Security Notices, please be advised that a Kerberos vulnerability, USN-940-2, has been identified.

To view this vulnerability, possible remedies, and other advisories, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com
USN-940-2: USN-940-2 Kerberos vulnerability
Ubuntu Security Notice

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 10.04 LTS:
krb5-admin-server 1.8.1+dfsg-2ubuntu0.2

In general, a standard system update will make all the necessary changes.

Details follow:

USN-940-1 fixed vulnerabilities in Kerberos. This update provides the corresponding updates for Ubuntu 10.04.

Original advisory details:

Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service. (CVE-2010-1320, CVE-2010-1321)