-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200210-008 - - -------------------------------------------------------------------- PACKAGE : kth-krb & heimdal SUMMARY : Remote root explot DATE : 2002-10-26 16:00 UTC EXPLOIT : remote - - -------------------------------------------------------------------- All versions of the kadmind daemon are vulnerable to a remote root exploit, if compiled with support for the Kerberos 4 kadmin protocol. SOLUTION It is recommended that all Gentoo Linux users who are running app-crypt/heimdal-0.5 & app-crypt/kth-krb-1.2 and earlier update their systems as follows: emerge rsync emerge kth-krb emerge heimdal emerge clean - - -------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz - - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9ur0ufT7nyhUpoZMRAkoVAJ965emvno57NuDf+58fSrZwzQZlSACffxmg gRYeSIc/Flih9VXh6gtCrcw= =D8Jl -----END PGP SIGNATURE-----
