All the supported Ubuntu distros have been affected by these problems

Aug 12, 2014 14:44 GMT

Canonical has announced that quite a few Kerberos vulnerabilities have been found and fixed in its Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.

The company has just released a new update for its Kerberos packages, which provide the MIT Kerberos network authentication protocol.

“It was discovered that Kerberos incorrectly handled certain invalid tokens. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be used to cause the daemon to crash, resulting in a denial of service,” reads the security notice.

Also, “It was discovered that Kerberos incorrectly handled certain mechanisms when used with SPNEGO. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be used to cause clients to crash, resulting in a denial of service.”

These are just a couple of the vulnerabilities identified by the developer, and for a more detailed description of the problems you can see Canonical's security notification. Users have been advised to upgrade their systems as soon as possible.

The flaws can be fixed if you upgrade your system(s) to the latest Kerberos-related packages specific to each distribution. To apply the patch, run the Update Manager application.

In general, a standard system update will make all the necessary changes. Surprisingly enough, users won't have to restart the PC or laptop in order to apply the patch.