Wind River Support Network

HomeDefectsLIN6-8543

Fixed

LIN6-8543 : Security Advisory - krb5 - CVE-2014-5351

Created: Oct 14, 2014 Updated: Dec 3, 2018

Resolved Date: Jun 10, 2015

Found In Version: 6.0.0.15

Fix Version: 6.0.0.15

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5351

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38