MIT Kerberos 5: User-assisted execution of arbitrary code

MIT Kerberos 5: User-assisted execution of arbitrary code A vulnerability has been found in MIT Kerberos 5, possibly resulting in arbitrary code execution or a Denial of Service condition. mit-krb5 2014-12-31 2014-12-31 516334 517936 519518 523506 remote 1.13 1.13

MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol.

Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details.

A remote attacker could execute arbitrary code with the privileges of the process or cause Denial of Service.

There is no known workaround at this time.

All MIT Kerberos 5 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.13"

CVE-2014-4341 CVE-2014-4343 CVE-2014-4345 CVE-2014-5351 Zlogene Zlogene