PT-2008-1051 · MIT · RPC Library
Jeff Altman
Published: 2008-03-18 · Updated: 2020-01-21 · CVE-2008-0948
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
MIT Kerberos 5 (krb5) versions 1.2.2 through 1.3
Description
A buffer overflow exists in the RPC library used by libgssrpc and kadmind. It can be triggered when the system's unistd.h does not define the FD_SETSIZE macro, allowing remote attackers to cause a denial of service or possibly execute arbitrary code by opening a large number of file descriptors. Multiple vulnerabilities in the krb5 package may lead to breaches in confidentiality, integrity, and availability of protected information, and these can be exploited remotely.
Recommendations
For versions 1.2.2 through 1.3, consider updating to a version after 1.3 to resolve the issue.
As a temporary workaround, consider restricting the number of open file descriptors to prevent the buffer overflow.
Avoid using the RPC library in sensitive operations until the issue is resolved.
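The descriptor-limit workaround above, as an added example (not code from MIT krb5 or from this advisory): it caps the process's soft open-file limit at FD_SETSIZE and bounds-checks every descriptor before it reaches an fd_set. All function names are hypothetical, and it assumes a POSIX system where <sys/select.h> defines FD_SETSIZE.

```c
/* Added example: keep descriptors used with select() inside fd_set bounds. */
#include <stdio.h>
#include <sys/resource.h>
#include <sys/select.h>

/* Lower the soft RLIMIT_NOFILE to FD_SETSIZE so newly opened descriptors
 * are always numbered below FD_SETSIZE. Returns the resulting soft limit,
 * or -1 on error. Lowering a soft limit needs no privilege. */
long cap_nofile_to_fd_setsize(void)
{
    struct rlimit rl;

    if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
        return -1;
    if (rl.rlim_cur == RLIM_INFINITY || rl.rlim_cur > (rlim_t)FD_SETSIZE) {
        rl.rlim_cur = FD_SETSIZE;
        if (setrlimit(RLIMIT_NOFILE, &rl) != 0)
            return -1;
    }
    return (long)rl.rlim_cur;
}

/* Bounds-checked FD_SET: FD_SET() with fd >= FD_SETSIZE is undefined and in
 * practice writes outside the bitmap. Returns 0 on success, -1 if rejected. */
int checked_fd_set(int fd, fd_set *set)
{
    if (fd < 0 || fd >= FD_SETSIZE)
        return -1;
    FD_SET(fd, set);
    return 0;
}

/* Upper bound for select()'s nfds: never more than an fd_set can describe. */
int select_nfds_bound(void)
{
    long lim = cap_nofile_to_fd_setsize();
    return (lim < 0 || lim > FD_SETSIZE) ? FD_SETSIZE : (int)lim;
}

int main(void)
{
    fd_set set;
    FD_ZERO(&set);
    printf("soft nofile limit: %ld\n", cap_nofile_to_fd_setsize());
    printf("fd 0 -> %d\n", checked_fd_set(0, &set));
    printf("fd FD_SETSIZE -> %d\n", checked_fd_set(FD_SETSIZE, &set));
    return 0;
}
```

Descriptors that were already open above the new limit stay open after setrlimit(), so the cap belongs at process start, before any sockets are accepted.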
Fix
Buffer Overflow
Improper Initialization
Related Identifiers
Affected Products
MIT Kerberos 5
RPC Library
Kadmind
Krb5
Libgssrpc