[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-940-1 -- krb5 vulnerabilities

ID: oval:org.secpod.oval:def:700180Date: (C)2011-01-28   (M)2017-10-04
Class: PATCHFamily: unix




It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service

Platform:
Ubuntu 8.04
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product:
krb5
Reference:
USN-940-1
CVE-2007-5902
CVE-2007-5971
CVE-2007-5972
CVE-2010-1320
CVE-2010-1321
CVE    5
CVE-2007-5902
CVE-2007-5972
CVE-2010-1320
CVE-2010-1321
...
CPE    1
cpe:/o:ubuntu:ubuntu_linux:8.04

© 2013 SecPod Technologies