Apache mod_auth_kerb <= 5.20 Buffer Overflow
Low Nessus Network Monitor Plugin ID 3816
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running the Apache mod_auth_kerb Kerberos authentication module. This version of mod_auth_kerb is reported to be vulnerable to a remote buffer overflow. The details of the attack are not yet known, however, it is alleged that an attacker would be able to crash the system or execute arbitrary code. In order to exploit this flaw, an attacker would only need to send a malformed Kerberos authentication request.
SolutionUpgrade to a version higher than 5.20.