DSA-1722-1 libpam-heimdal -- programming errorID: oval:org.secpod.oval:def:600356 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
Derek Chan discovered that the PAM module for the Heimdal Kerberos implementation allows reinitialisation of user credentials when run from a setuid context, resulting in potential local denial of service by overwriting the credential cache file or to local privilege escalation. For the stable distribution , this problem has been fixed in version 2.5-1etch1. For the upcoming stable distribution , this problem has been fixed in version 3.10-2.1. For the unstable distribution , this problem will be fixed soon. We recommend that you upgrade your libpam-heimdal package.