Oval Definition:
oval:com.ubuntu.xenial:def:20091384000
Revision Date
:
2009-05-28
Version
:
1
Title
:
CVE-2009-1384 on Ubuntu 16.04 LTS (xenial) - low.
Description
:
pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2009-1384
Platform(s)
:
Ubuntu 16.04 LTS
Product(s)
:
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed.
AND
The 'libpam-krb5' package in xenial is affected and needs fixing.
BACK