[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85475

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-924-1 -- krb5 vulnerabilities

ID: oval:org.secpod.oval:def:700183Date: (C)2011-01-28   (M)2018-03-27
Class: PATCHFamily: unix




Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service

Platform:
Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product:
krb5
Reference:
USN-924-1
CVE-2007-5901
CVE-2007-5902
CVE-2007-5971
CVE-2007-5972
CVE-2010-0629
CVE    5
CVE-2007-5902
CVE-2007-5972
CVE-2007-5901
CVE-2007-5971
...
CPE    3
cpe:/o:ubuntu:ubuntu_linux:8.04
cpe:/o:ubuntu:ubuntu_linux:8.10
cpe:/o:ubuntu:ubuntu_linux:9.04

© SecPod Technologies