Sol Jerome discovered that kadmind service in krb5, a system for authenticating users and services on a network, allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. For the stable distribution (lenny), this problem has been fixed in version 1.6.dfsg.4~beta1-5lenny3. The testing distribution (squeeze), and the unstable distribution (sid) are not affected by this issue. We recommend that you upgrade your krb5 package.
Sol Jerome discovered that kadmind service in krb5, a system for authenticating users and services on a network, allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.
For the stable distribution (lenny), this problem has been fixed in version 1.6.dfsg.4~beta1-5lenny3.
The testing distribution (squeeze), and the unstable distribution (sid) are not affected by this issue.
We recommend that you upgrade your krb5 package.
MD5 checksums of the listed files are available in the original advisory.