MITKRB5-SA-2003-05: Buffer overrun and underrun in principal name handling
Ken Raeburn
raeburn at MIT.EDU
Thu Mar 20 16:47:22 EST 2003
This advisory has been updated on our web site.
The patch is now contained in a separate text file, with a separate
PGP signature available.
The advisory text now notes that it includes information also
published in the following vulnerability notes:
CVE CAN-2003-0082
Buffer underrun
CVE CAN-2003-0072
Array overrun -- only the portions that appeared to affect a server
with no strange realm configurations were included here.
This announcement and related security advisories may be found on the
MIT Kerberos security advisory page at:
http://web.mit.edu/kerberos/www/advisories/index.html
The main MIT Kerberos web page is at:
http://web.mit.edu/kerberos/www/index.html
Ken
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 231 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos-announce/attachments/20030320/8d9dc660/attachment.bin
More information about the kerberos-announce
mailing list