Mandriva Update For Krb5 MDKSA-2007:007 (krb5) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability in the NVIDIA Xorg driver was discovered by Derek Abdine who found that it did not correctly verify the size of buffers used to render text glyphs, resulting in a crash of the server when displaying very long strings of text. If a user was tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges. This vulnerability exists in driver versions 1.0-8762 and 1.0-8774 and is corrected in 1.0-8776 which is being provided with this update. The packages can be found in the non-free/updates media.

Affected

krb5 on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2006-5379

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:049-1 (pycrypto)
Mandrake Security Advisory MDVSA-2009:030 (amarok)
Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
Mandrake Security Advisory MDVSA-2009:075 (firefox)
Mandrake Security Advisory MDVSA-2009:099 (openafs)

Mandriva Update for krb5 MDKSA-2007:007 (krb5)

Take action and discover your vulnerabilities