Oval Definition:oval:org.mitre.oval:def:11936
Revision Date:2015-04-20Version:30
Title:HP-UX Running Kerberos, Remote Unauthorized Modification.
Description:MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-1324
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.31
  • AND filesets tests
  • KRB5-Client.KRB5-PRG is installed
  • OR KRB5-Client.KRB5-64SLIB is installed
  • OR KRB5-Client.KRB5-IA32SLIB is installed
  • OR KRB5-Client.KRB5-IA64SLIB is installed
  • OR KRB5-Client.KRB5-RUN is installed
  • OR KRB5-Client.KRB5-SHLIB is installed
  • AND NOT Patch PHSS_41775 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.23
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than D.1.6.2.09
  • OR krb5client.KRB5-PRG-A version is less than D.1.6.2.09
  • OR krb5client.KRB5-RUN-A version is less than D.1.6.2.09
  • OR krb5client.KRB5-SHLIB-A version is less than D.1.6.2.09
  • OR krb5client.KRB5IA32SLIB-A version is less than D.1.6.2.09
  • OR krb5client.KRB5IA64SLIB-A version is less than D.1.6.2.09
  • OR Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.11
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than C.1.3.5.11
  • OR krb5client.KRB5-PRG-A version is less than C.1.3.5.11
  • OR krb5client.KRB5-RUN-A version is less than C.1.3.5.11
  • OR krb5client.KRB5-SHLIB-A version is less than C.1.3.5.11
  • OR Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.31
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than E.1.6.2.09
  • OR krb5client.KRB5-PRG-A version is less than E.1.6.2.09
  • OR krb5client.KRB5-RUN-A version is less than E.1.6.2.09
  • OR krb5client.KRB5-SHLIB-A version is less than E.1.6.2.09
  • OR krb5client.KRB5IA32SLIB-A version is less than E.1.6.2.09
  • OR krb5client.KRB5IA64SLIB-A version is less than E.1.6.2.09
  • BACK