[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-940-1 -- krb5 vulnerabilities

ID: oval:org.secpod.oval:def:700180Date: (C)2011-01-28   (M)2024-01-02
Class: PATCHFamily: unix




It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service

Platform:
Ubuntu 8.04
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product:
krb5
Reference:
USN-940-1
CVE-2007-5902
CVE-2007-5971
CVE-2007-5972
CVE-2010-1320
CVE-2010-1321
CVE    5
CVE-2007-5902
CVE-2007-5972
CVE-2010-1320
CVE-2007-5971
...
CPE    4
cpe:/o:ubuntu:ubuntu_linux:8.04
cpe:/o:ubuntu:ubuntu_linux:9.10
cpe:/o:ubuntu:ubuntu_linux:9.04
cpe:/o:ubuntu:ubuntu_linux:6.06
...

© SecPod Technologies