Oval Definition:oval:org.mitre.oval:def:12121
Revision Date:2015-04-20Version:30
Title:HP-UX Running Kerberos, Remote Unauthorized Modification.
Description:MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-1323
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.31
  • AND filesets tests
  • KRB5-Client.KRB5-PRG is installed
  • OR KRB5-Client.KRB5-64SLIB is installed
  • OR KRB5-Client.KRB5-IA32SLIB is installed
  • OR KRB5-Client.KRB5-IA64SLIB is installed
  • OR KRB5-Client.KRB5-RUN is installed
  • OR KRB5-Client.KRB5-SHLIB is installed
  • AND NOT Patch PHSS_41775 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.23
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than D.1.6.2.09
  • OR krb5client.KRB5-PRG-A version is less than D.1.6.2.09
  • OR krb5client.KRB5-RUN-A version is less than D.1.6.2.09
  • OR krb5client.KRB5-SHLIB-A version is less than D.1.6.2.09
  • OR krb5client.KRB5IA32SLIB-A version is less than D.1.6.2.09
  • OR krb5client.KRB5IA64SLIB-A version is less than D.1.6.2.09
  • OR Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.11
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than C.1.3.5.11
  • OR krb5client.KRB5-PRG-A version is less than C.1.3.5.11
  • OR krb5client.KRB5-RUN-A version is less than C.1.3.5.11
  • OR krb5client.KRB5-SHLIB-A version is less than C.1.3.5.11
  • OR Criteria meets HP Security Bulletin HPSBUX02623
  • HP-UX B.11.31
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than E.1.6.2.09
  • OR krb5client.KRB5-PRG-A version is less than E.1.6.2.09
  • OR krb5client.KRB5-RUN-A version is less than E.1.6.2.09
  • OR krb5client.KRB5-SHLIB-A version is less than E.1.6.2.09
  • OR krb5client.KRB5IA32SLIB-A version is less than E.1.6.2.09
  • OR krb5client.KRB5IA64SLIB-A version is less than E.1.6.2.09
    • BACK