|
GLEG Advisory
Advisory:
Name: Heimdal kadmind version4 remote heap overflow
Date: 6 May 2004
CVE candidate: CAN-2004-0434
Author: Evgeny Demidov
Description:
There exists a remote preauth heap overflow vulnerability in Heimdal
kadmind version4 support.
All versions of Heimdal including 0.6.1 are known to be vulnerable.
Its recommended to disable Kerberos 4 support by runing kadmind
with --no-kerberos4 option.
Fix:
FreeBSD has issued an advisory:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/
/FreeBSD-SA-04:09.kadmind.asc
Latest Heimdal snapshot also fixes the problem.
History:
The vulnerability has been discovered several months ago
by Evgeny Demidov during Heimdal source code audit.
It has been made availabe to VulnDisco clients two weeks ago.
Thanks:
Heimdal development team has been ready with a patch in a couple of hours
after initial contact.
|
