cpe:/a:mit:kerberos:5-1.3 cpe:/a:mit:kerberos:5-1.3.1 cpe:/a:mit:kerberos:5-1.3.2 cpe:/a:mit:kerberos:5-1.3.3 cpe:/a:mit:kerberos:5-1.3.4 cpe:/a:mit:kerberos:5-1.3.5 cpe:/a:mit:kerberos:5-1.3.6 cpe:/a:mit:kerberos:5-1.4 cpe:/a:mit:kerberos:5-1.4.1 cpe:/a:mit:kerberos:5-1.4.2 cpe:/a:mit:kerberos:5-1.4.3 cpe:/a:mit:kerberos:5-1.4.4 cpe:/a:mit:kerberos:5-1.5 cpe:/a:mit:kerberos:5-1.5.1 cpe:/a:mit:kerberos:5-1.5.2 cpe:/a:mit:kerberos:5-1.5.3 cpe:/a:mit:kerberos:5-1.6 cpe:/a:mit:kerberos:5-1.6.1 cpe:/a:mit:kerberos:5-1.6.2 cpe:/a:mit:kerberos:5-1.6.3 cpe:/a:mit:kerberos:5-1.7 CVE-2009-4212 2010-01-13T14:30:00.607-05:00 2017-09-18T21:29:56.343-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-01-14T08:36:00.000-05:00 SUNALERT 1021779 SECTRACK 1023440 SUNALERT 275530 BID 37749 SECUNIA 38080 SECUNIA 38108 SECUNIA 38126 SECUNIA 38140 SECUNIA 38184 SECUNIA 38203 SECUNIA 38696 SECUNIA 40220 VUPEN ADV-2010-0096 VUPEN ADV-2010-0129 VUPEN ADV-2010-1481 APPLE APPLE-SA-2010-06-15-1 DEBIAN DSA-1969 FEDORA FEDORA-2010-0503 FEDORA FEDORA-2010-0515 HP HPSBOV02682 MANDRIVA MDVSA-2010:006 REDHAT RHSA-2010:0029 REDHAT RHSA-2010:0095 HP SSRT100495 UBUNTU USN-881-1 CONFIRM http://support.apple.com/kb/HT4188 CONFIRM http://support.avaya.com/css/P8/documents/100074869 CONFIRM http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=545015 Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.