:O'Reilly Network: Insecurities in a Nutshell: KTH Kerberos, Red Hat PAM, and More
O'Reilly Network: Insecurities in a Nutshell: KTH Kerberos, Red Hat PAM, and More Dec 14, 2000, 16 :12 UTC (0 Talkback[s]) (5309 reads) (Other stories by Noel Davis)
"Problems this week include root exploits in the MarkVision printer drivers package, local and remote root exploits in KTH Kerberos, buffer overflows in Red Hat's PAM, a discussion of security problems with web-based applications, and an example of one of these web-based security problems in phpGroupWare."
"KTH Kerberos
Kerberos is a network authentication protocol that uses a secret-key to provide authentication over insecure networks. There are two primary Kerberos packages: MIT and KTH. KTH Kerberos is included in OpenBSD and FreeBSD. There are three vulnerabilities in KTH Kerberos IV: It honors some environmental variables, there is a buffer overflow in the protocol parsing code, and there is a race condition in the ticket file writing code. These problems can lead to local and remote root vulnerabilities."
"Red Hat PAM
There is a problem with the PAM system in Red Hat 7 and an update that was issued for Red Hat 6.x. Both versions included a module named pam_localuser. This module is vulnerable to a buffer overflow. Even though this module is not used by default, Red Hat has released a new version that fixes the buffer overflow and fixes some other bugs."
