libgssapi prior to 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote malicious users to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or other invalid configuration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse suse linux 10 |