c. ESX third party update for Service Console krb5 RPM

This patch updates the krb5-libs and krb5-workstation RPMs to version 1.6.1-63.el5_7 to resolve a security issue.



By default, the affected krb5-telnet and ekrb5-telnet services do not run. The krb5 telnet daemon is an xinetd service. You can run the following commands to check if krb5 telnetd is enabled:





/sbin/chkconfig --list krb5-telnet

/sbin/chkconfig --list ekrb5-telnet

You can run the following commands to disable krb5 telnet daemon:

/sbin/chkconfig krb5-telnet off

/sbin/chkconfig ekrb5-telnet off

The Common Vulnerabilities and Exposures project ( cve.mitre.org) has assigned the name CVE-2011-4862 to this issue.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.