This issue did not affect the versions of the pam_krb5 packages, as shipped with Red Hat Enterprise Linux 3 and 4. The issue was addressed in the pam_krb5 packages as shipped with Red Hat Enterprise Linux 5 via:
CVSS v2 metrics
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
|Red Hat Enterprise Linux 5 (pam_krb5)||RHSA-2010:0258||2010-03-29|