openSUSE 10 Security Update : krb5 (krb5-3045)
High Nessus Plugin ID 27308
SynopsisThe remote openSUSE host is missing a security update.
DescriptionA bug in the function krb5_klog_syslog() leads to a buffer overflow which could be exploited to execute arbitrary code (CVE-2007-0957).
A double-free bug in the GSS-API library could crash kadmind. It's potentially also exploitable to execute arbitrary code (CVE-2007-1216).
SolutionUpdate the affected krb5 packages.