DescriptionBuffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SA:2008:016, published Wed, 19 Mar 2008 10:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Server 11 SP1|| |
|SUSE Linux Enterprise Server 11 SP2|| |
|SUSE Linux Enterprise Server 11 SP3|| |
|SUSE Linux Enterprise Server 11 SP4|| |
|SUSE Linux Enterprise Software Development Kit 11 SP4|| |