Synopsis
The remote Debian host is missing a security-related update.

Description
Derek Chan discovered that the PAM module for the Heimdal Kerberos implementation allows reinitialisation of user credentials when run from a setuid context. This can result in a local denial of service by overwriting the credential cache file, or in local privilege escalation.

Solution
Upgrade the libpam-heimdal package.
For the stable distribution (etch), this problem has been fixed in version 2.5-1etch1.
For the upcoming stable distribution (lenny), this problem has been fixed in version 3.10-2.1.