Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache mod_auth_kerb <= 5.20 Buffer Overflow

Low

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running the Apache mod_auth_kerb Kerberos authentication module. This version of mod_auth_kerb is reported to be vulnerable to a remote buffer overflow. The details of the attack are not yet known, however, it is alleged that an attacker would be able to crash the system or execute arbitrary code. In order to exploit this flaw, an attacker would only need to send a malformed Kerberos authentication request.

Solution

Upgrade to a version higher than 5.20.