Ubuntu Security Notice 916-1 - Emmanuel Bouillon discovered that Kerberos did not correctly handle certain message types. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC to crash, leading to a denial of service. Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz discovered that Kerberos did not correctly handle certain GSS packets. An unauthenticated remote attacker could send specially crafted traffic that would cause services using GSS-API to crash, leading to a denial of service.
df591f94dbb4d50dea322b699e1c376ae7a8357f3687817b6e910bc94d5e7374
MIT krb5 Security Advisory 2010-002 - In MIT krb5 releases krb5-1.7 and later, the SPNEGO GSS-API mechanism can experience an assertion failure when receiving certain invalid messages. This can cause a GSS-API application to crash.
8b74aaf71f23d59e52c2c5e99d47fcfed5c74bdf28f1258ddc4c501fa74f3d46