A Security Vulnerability in the Management of Solaris Kerberos (see kerberos(5)) may Lead to a User Denial of Service (DoS) Attack
The Kerberos credential renewal feature in Sun Solaris 8 9 and 10 and OpenSolaris build snv_01 through snv_104 allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions and lack of credential storage by the store_cred function in pam_krb5.
- Sun Solaris 8
- Sun Solaris 9
- Sun Solaris 10