Oval Definition:oval:org.mitre.oval:def:2002
Revision Date:2006-09-27Version:17
Title:Multiple Buffer Overflows in Kerberos 5 (krb5_aname_to_localname)
Description:Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0523
Platform(s):Sun Solaris 7
Product(s):Solaris Enterprise Authentication Mechanism (SEAM)
Definition Synopsis
  • Software section
  • Kerberos 5 installed
  • AND Solaris 7,8,or 9 installed
  • Solaris 8 Installed
  • OR Solaris 7 Installed
  • OR Solaris 9 Installed
  • AND NOT Patch 112908-16 or later installed
  • AND NOT Patch 112536-05 or later installed
  • AND Patches 112237-11 and 112390-09 or greater installed
  • Patch 112237-11 or later installed
  • AND Patch 112390-09 or later installed
  • AND Configuration section
  • /etc/krb5/krb5.conf is configured with a kerberos domain
  • AND /etc/krb5/krb5.conf is configured with explicit or rules-based mapping
    • BACK