Mandrake Linux Security Advisory : krb5 (MDKSA-2002:057)
Critical Nessus Plugin ID 13958
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionThe network authentication system in Kerberos 5 contains an RPC library that includes an XDR decoder derived from Sun's RPC implementation. This implemenation is vulnerable to a heap overflow.
With Kerberos, it is believed that an attacker would need to be able to successfully authenticate to kadmin to be able to exploit this vulnerability.
SolutionUpdate the affected packages.