Oval Definition:	oval:org.mitre.oval:def:21983
Revision Date: 2014-02-24 Version: 44 Title: RHSA-2010:0925: krb5 security and bug fix update (Important) Description: MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2010-1323 CVE-2010-1324 CVE-2010-4020 RHSA-2010:0925-01 Platform(s): Red Hat Enterprise Linux 6 Product(s): krb5 Definition Synopsis The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages section krb5-devel is earlier than 0:1.8.2-3.el6_0.3 OR krb5-server-ldap is earlier than 0:1.8.2-3.el6_0.3 OR krb5-workstation is earlier than 0:1.8.2-3.el6_0.3 OR krb5-libs is earlier than 0:1.8.2-3.el6_0.3 OR krb5-pkinit-openssl is earlier than 0:1.8.2-3.el6_0.3 OR krb5-server is earlier than 0:1.8.2-3.el6_0.3 OR krb5 is earlier than 0:1.8.2-3.el6_0.3
BACK