Ubuntu Update For Krb5, Librpcsecgss Vulnerability USN-511-2 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-511-2

Solution

Please Install the Updated Packages.

Insight

USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem. Original advisory details: It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.

Affected

krb5, librpcsecgss vulnerability on Ubuntu 6.06 LTS , Ubuntu 6.10 , Ubuntu 7.04

Severity

Classification

CVE CVE-2007-4743

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for clamav USN-2488-2
Ubuntu Update for cpio vulnerability USN-650-1
Ubuntu Update for dhcp3 USN-1108-2
Ubuntu Update for bind9 vulnerability USN-1070-1
Ubuntu Update for clamav vulnerabilities USN-926-1

Ubuntu Update for krb5, librpcsecgss vulnerability USN-511-2

Take action and discover your vulnerabilities