Scientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64
Medium Nessus Plugin ID 60793
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA NULL pointer dereference flaw was discovered in the MIT Kerberos Generic Security Service Application Program Interface (GSS-API) library. A remote, authenticated attacker could use this flaw to crash any server application using the GSS-API authentication mechanism, by sending a specially crafted GSS-API token with a missing checksum field. (CVE-2010-1321)
All running services using the MIT Kerberos libraries must be restarted for the update to take effect.
SolutionUpdate the affected packages.