MIT Kerberos 5 KAdminD Server Rename_Principal_2_SVC() Function Stack Buffer Overflow Vulnerability

MIT Kerberos 5 KAdminD Server Rename_Principal_2_SVC() Function Stack Buffer Overflow Vulnerability

References:

HPSBUX02544 SSRT100107 rev.1 - HP-UX Running Kerberos, Remote Denial of Service (HP)
Kerberos Homepage (MIT)
VU#554257 (US-CERT)
iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind (labs-no-reply@idefense.com)
MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow (tlyu@MIT.EDU)
ASA-2007-294 krb5 security update (RHSA-2007-0562) (Avaya)
Avaya Security Advisory ASA-2007-304: Security Vulnerability in the Kerberos Adm (Avaya Inc )
Multiple Vendor Kerberos kadmind Rename Principal Buffer Overflow Vulnerability (iDefense Labs)
RHSA-2007:0384-4: krb5 security update (Red Hat)
RHSA-2007:0562-2: krb5 security update (Red Hat)
Security Vulnerability: kadmind stack buffer overflow vulnerability (Novell)
Sun Alert ID: 102985 Security Vulnerability in the Kerberos Administration Daemo (Sun)

Privacy Statement
Copyright 2010, SecurityFocus