Contributed by jose on from the quick-erratta dept.
OpenBSD 3.2, as shipped, is vulnerable to a kadmind remote exploit if the machine is configured as a kdc (which is not the case in the default install). A fix addressing this problem is available in the -STABLE branch, and as a standalone patch file, at the following location: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/001_kadmin.patch For more information about errata and patch, please read the OpenBSD errata page: http://www.openbsd.org/errata.htmlThe patch is available via FTP and has been rolled into -stable already.
Thanks to Miod for coordinating this with us!
(Comments are closed)