MIT Kerberos 5 Release 1.5.3 with security fixes

The MIT Kerberos Team announces the availability of MIT Kerberos 5 Release 1.5.3. This is primarily a security update release. Fixed issues include:

* Fix MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956, VU#220816]

* Fix MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslog [CVE-2007-0957, VU#704024]

* Fix MITKRB5-SA-2007-003: double-free in kadmind – the RPC library could perform a double-free due to a GSS-API library bug [CVE-2007-1216, VU#419344]




Share this