Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors.
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0948
Also:
Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0947
IDENTIFIER = WIND120120
WIND00125163.zip is for 1.4
WIND00125164.zip is for 1.5
WIND00120154.zip is for 2.0
1. Unzip the patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/mtool/mtool_linux"
3. Follow the instructions for installing the point patch.
4. Once the patch has been installed, run the command "make -C build krb5.rebuild" to rebuild the krb5 package with the source file fix.
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
