openSUSE-SU-2011:1169-1 -- Suse krb5ID: oval:org.secpod.oval:def:400348 | Date: (C)2012-12-31 (M)2021-09-11 |
Class: PATCH | Family: unix |
The following issues have been fixed: - CVE-2011-1528: In releases krb5-1.8 and later, the KDC can crash due to an assertion failure. - CVE-2011-1529: In releases krb5-1.8 and later, the KDC can crash due to a null pointer dereference. Both bugs could be triggered by unauthenticated remote attackers. Additionally CVE-2011-1526 was fixed that allowed authenticated users to access files via krb5 ftpd they should not have access to.
Platform: |
openSUSE 11.4 |
openSUSE 11.3 |