Oval Definition:	oval:org.mitre.oval:def:13432
Revision Date: 2014-06-30 Version: 20 Title: USN-940-1 -- krb5 vulnerabilities Description: It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2007-5902 CVE-2007-5971 CVE-2007-5972 CVE-2010-1320 CVE-2010-1321 USN-940-1 USN-940-1 Platform(s): Ubuntu 6.06 Ubuntu 8.04 Ubuntu 9.04 Ubuntu 9.10 Product(s): krb5 Definition Synopsis Release section Ubuntu 8.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND krb5-doc DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section krb5-rsh-server DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-telnetd DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR libkrb53 DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR libkrb5-dev DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-ftpd DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-pkinit DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-admin-server DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR libkadm55 DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR libkrb5-dbg DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-user DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-clients DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR krb5-kdc DPKG is earlier than 1.6.dfsg.3~beta1-2ubuntu1.5 OR Release section Ubuntu 9.10 is installed AND Architecture section Architecture independet section Installed architecture is all AND krb5-doc DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section krb5-rsh-server DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libk5crypto3 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-kdc-ldap DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-telnetd DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkrb5support0 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkdb5-4 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkrb5-dev DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-ftpd DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-pkinit DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkadm5srv6 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-clients DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkrb5-3 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkrb5-dbg DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-user DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-kdc DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libgssrpc4 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libkadm5clnt6 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR libgssapi-krb5-2 DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR krb5-admin-server DPKG is earlier than 1.7dfsg~beta3-1ubuntu0.6 OR Release section Ubuntu 6.06 is installed AND Architecture section Architecture independet section Installed architecture is all AND krb5-doc DPKG is earlier than 1.4.3-5ubuntu0.11 OR Architecture depended section Supported architectures section Installed architecture is sparc OR Installed architecture is powerpc OR Installed architecture is amd64 OR Installed architecture is i386 AND Packages section krb5-rsh-server DPKG is earlier than 1.4.3-5ubuntu0.11 OR krb5-telnetd DPKG is earlier than 1.4.3-5ubuntu0.11 OR libkrb53 DPKG is earlier than 1.4.3-5ubuntu0.11 OR libkrb5-dev DPKG is earlier than 1.4.3-5ubuntu0.11 OR krb5-ftpd DPKG is earlier than 1.4.3-5ubuntu0.11 OR krb5-admin-server DPKG is earlier than 1.4.3-5ubuntu0.11 OR libkadm55 DPKG is earlier than 1.4.3-5ubuntu0.11 OR krb5-user DPKG is earlier than 1.4.3-5ubuntu0.11 OR krb5-clients DPKG is earlier than 1.4.3-5ubuntu0.11 OR krb5-kdc DPKG is earlier than 1.4.3-5ubuntu0.11 OR Release section Ubuntu 9.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND krb5-doc DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section krb5-rsh-server DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-kdc-ldap DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-telnetd DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR libkrb53 DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR libkrb5-dev DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-ftpd DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-pkinit DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-admin-server DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR libkadm55 DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR libkrb5-dbg DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-user DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-clients DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4 OR krb5-kdc DPKG is earlier than 1.6.dfsg.4~beta1-5ubuntu2.4
BACK