OVAL Reference oval:com.ubuntu.precise:def:20149423000

Oval Definition:

oval:com.ubuntu.precise:def:20149423000

Revision Date:	2015-02-19	Version:	1
Title:	CVE-2014-9423 on Ubuntu 12.04 LTS (precise) - low.
Description:	The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2014-9423
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND The 'krb5' package in precise was vulnerable but has been fixed (note: '1.10+dfsg~beta1-2ubuntu0.6').