Check the version of krb5-devel

Please Install the Updated Packages.

Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.

krb5-devel on CentOS 5

Get the installed version with the help of detect NVT and check if the version is vulnerable or not.

• http://lists.centos.org/pipermail/centos-announce/2014-October/020678.html

---

Updated on 2015-03-25