[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108566

 
 

909

 
 

85401

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-940-1 -- krb5 vulnerabilities

ID: oval:org.secpod.oval:def:700180Date: (C)2011-01-28   (M)2018-03-27
Class: PATCHFamily: unix




It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service

Platform:
Ubuntu 8.04
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product:
krb5
Reference:
USN-940-1
CVE-2007-5902
CVE-2007-5971
CVE-2007-5972
CVE-2010-1320
CVE-2010-1321
CVE    5
CVE-2007-5902
CVE-2007-5972
CVE-2010-1320
CVE-2007-5971
...
CPE    4
cpe:/o:ubuntu:ubuntu_linux:9.10
cpe:/o:ubuntu:ubuntu_linux:8.04
cpe:/o:ubuntu:ubuntu_linux:9.04
cpe:/o:ubuntu:ubuntu_linux:6.06
...

© SecPod Technologies