Debian Security Advisory 1969 krb5 – integer underflow

It was discovered that krb5, a system for authenticating users and services on a network, is prone to integer underflow in the AES and RC4 decryption operations of the crypto library. A remote attacker can cause crashes, heap corruption, or, under extraordinarily unlikely conditions, arbitrary code execution.


For the old stable distribution (etch), this problem has been fixed in version 1.4.4-7etch8…

Read More