31st Oct 2002 [SBWID-5788]
COMMAND
Kerberos buffer overflow
SYSTEMS AFFECTED
krb5
Kerberos v4 administration server
PROBLEM
In Martin Schulze, Debian Security Advisory [DSA 183-1]:
http://www.debian.org/security/
--snip--
Tom Yu and Sam Hartman of MIT discovered another stack buffer overflow
in the kadm_ser_wrap_in function in the Kerberos v4 administration
server. This kadmind bug has working exploit code circulating, hence
it is considered serious. The MIT krb5 implementation includes support
for version 4, including a complete v4 library, server side support for
krb4, and limited client support for v4.
--snap--
SOLUTION
See your specific distribution's updates. Patches are available.