SuSE Security Advisory SUSE-SA:2009:019 (krb5)

Information

Severity

Critical

Family

SuSE Local Security Checks

CVSSv2 Base

10.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Vendor Patch

Created

15 years ago

Modified

6 years ago

Summary

The remote host is missing updates announced in advisory SUSE-SA:2009:019.

Insight

The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to possible, but very unlikely, remote code execution.

- CVE-2009-0844: The SPNEGO GSS-API implementation can read beyond the end of a buffer (network input), which leads to a crash.
- CVE-2009-0845: A NULL pointer dereference in the SPNEGO code can lead to a crash, which affects programs using the GSS-API.
- CVE-2009-0846: The ASN.1 decoder can free an uninitialized NULL pointer, which leads to a crash and can possibly lead to remote code execution. This bug can be exploited before any authentication has happened.
- CVE-2009-0847: The ASN.1 decoder incorrectly validates a length parameter, which leads to malloc() errors and possibly to a crash.

Solution

Update your system with the packages as indicated in the referenced security advisory:

https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:019

Common Vulnerabilities and Exposures (CVE)