[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-940-1 -- krb5 vulnerabilities

ID: oval:org.secpod.oval:def:700180Date: (C)2011-01-28   (M)2018-03-27
Class: PATCHFamily: unix




It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service

Platform:
Ubuntu 8.04
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product:
krb5
Reference:
USN-940-1
CVE-2007-5902
CVE-2007-5971
CVE-2007-5972
CVE-2010-1320
CVE-2010-1321
CVE    5
CVE-2007-5902
CVE-2007-5972
CVE-2010-1320
CVE-2007-5971
...
CPE    4
cpe:/o:ubuntu:ubuntu_linux:6.06
cpe:/o:ubuntu:ubuntu_linux:9.04
cpe:/o:ubuntu:ubuntu_linux:9.10
cpe:/o:ubuntu:ubuntu_linux:8.04
...

© SecPod Technologies