MIT Kerberos 5 KAdminD Server Rename_Principal_2_SVC() Function Stack Buffer Overflow Vulnerability

MIT Kerberos 5 KAdminD Server Rename_Principal_2_SVC() Function Stack Buffer Overflow Vulnerability

Solution:
The vendor has released fixes to address this issue. Please see the references for more information.

Sun Solaris 10.0

Sun 120473-12
http://sunsolve.sun.cmo/patches/

Sun T120473-12
http://sunsolve.sun.com/tpatches

Sun SEAM 1.0.1

Sun 110060-22
SPARC platform
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -110060-22-1

Sun 110061-22
x86 platform
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -110061-22-1

MIT Kerberos 5 1.5.3

MIT 2007-005-patch.txt
http://web.mit.edu/kerberos/advisories/2007-005-patch.txt

Apple Mac OS X Server 10.3.9

Apple SecUpdSrvr2007-007Pan.dmg For Mac OS X Server v10.3.9
http://www.apple.com/support/downloads/

Apple Mac OS X 10.3.9

Apple SecUpd2007-007Pan.dmg For Mac OS X v10.3.9
http://www.apple.com/support/downloads/

Apple Mac OS X 10.4.10

Apple SecUpd2007-007Ti.dmg For Mac OS X v10.4.10 (PowerPC)
http://www.apple.com/support/downloads/

Apple SecUpd2007-007Univ.dmg For Mac OS X v10.4.10 (Universal)
http://www.apple.com/support/downloads/

SGI ProPack 3.0 SP6

SGI Patch 10421
ftp://oss.sgi.com/projects/sgi_propack/download/

Trustix Secure Linux 3.0

Trustix kerberos5-1.4.1-9tr.i586.rpm
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix kerberos5-devel-1.4.1-9tr.i586.rpm
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix kerberos5-libs-1.4.1-9tr.i586.rpm
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix Secure Linux 3.0.5

Trustix kerberos5-1.4.3-5tr.i586.rpm
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix kerberos5-devel-1.4.3-5tr.i586.rpm
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix kerberos5-libs-1.4.3-5tr.i586.rpm
ftp://ftp.trustix.org/pub/trustix/updates/