Red Hat Security Advisory 2015-0794-01

Discussion in 'News Aggregator' started by Packet Storm, 10 Apr 2015.

  1. Packet Storm

    Packet Storm Guest

    Red Hat Security Advisory 2015-0794-01 - Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. The following security issues are fixed with this release: A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library could call the gss_process_context_token() function and use this flaw to crash that application.

    Continue reading...
     

Share This Page

Loading...