Ubuntu 6.06 LTS / 6.10 : krb5 vulnerability (USN-408-1)
High Nessus Plugin ID 27996
SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionThe server-side portion of Kerberos' RPC library had a memory management flaw which allowed users of that library to call a function pointer located in unallocated memory. By doing specially crafted calls to the kadmind server, a remote attacker could exploit this to execute arbitrary code with root privileges on the target computer.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected packages.