SUSE-SA:2010:006 -- SUSE krb5 remote code executionID: oval:org.secpod.oval:def:400053 | Date: (C)2012-01-31 (M)2021-09-11 |
Class: PATCH | Family: unix |
Specially crafted AES and RC4 packets could allow unauthenticated remote attackers to trigger an integer underflow that leads to heap memory corruption CVE-2009-4212. Remote attackers could potentially exploit that to execute arbitrary code. openSUSE 11.2 is also affected by the following problem: Specially crafted ticket requests could crash the kerberos server CVE-2009-3295.
Platform: |
openSUSE 11.1 |
openSUSE 11.0 |
openSUSE 11.2 |