Updated Kerberos packages for Red Hat Linux 9 fix a number of vulnerabilities found in MIT Kerberos.
Comment
Andreas Beck discovered that versions of pam_xauth supplied with Red Hat Linux since version 7.1 would forward authorization information from the root account to unprivileged users.
Al Viro found a buffer overflow in Window Maker 0.80.0 and earlier which may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer.
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.
Two Cross-site scripting vulnerabilities have been found that affect SquirrelMail version 1.2.7 and earlier.