Oval Definition:oval:org.mitre.oval:def:7450
Revision Date:2015-04-20Version:28
Title:HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code
Description:The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-1321
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02544
  • HP-UX B.11.31
  • AND filesets tests
  • KRB5-Client.KRB5-PRG is installed
  • OR KRB5-Client.KRB5-64SLIB is installed
  • OR KRB5-Client.KRB5-IA32SLIB is installed
  • OR KRB5-Client.KRB5-IA64SLIB is installed
  • OR KRB5-Client.KRB5-RUN is installed
  • OR KRB5-Client.KRB5-SHLIB is installed
  • AND NOT Patch PHSS_41168 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02544
  • HP-UX B.11.23
  • AND filesets tests
  • KRB5-Client.KRB5-PRG is installed
  • OR KRB5-Client.KRB5-64SLIB is installed
  • OR KRB5-Client.KRB5-IA32SLIB is installed
  • OR KRB5-Client.KRB5-IA64SLIB is installed
  • OR KRB5-Client.KRB5-RUN is installed
  • OR KRB5-Client.KRB5-SHLIB is installed
  • AND NOT Patch PHSS_41167 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02544
  • HP-UX B.11.11
  • AND filesets tests
  • KRB5-Client.KRB5-SHLIB is installed
  • OR KRB5-Client.KRB5-PRG is installed
  • OR KRB5-Client.KRB5-RUN is installed
  • OR KRB5-Client.KRB5-64SLIB is installed
  • AND NOT Patch PHSS_41166 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02544
  • HP-UX B.11.23
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than D.1.6.2.08
  • OR krb5client.KRB5-PRG-A version is less than D.1.6.2.08
  • OR krb5client.KRB5-RUN-A version is less than D.1.6.2.08
  • OR krb5client.KRB5-SHLIB-A version is less than D.1.6.2.08
  • OR krb5client.KRB5IA32SLIB-A version is less than D.1.6.2.08
  • OR krb5client.KRB5IA64SLIB-A version is less than D.1.6.2.08
  • OR Criteria meets HP Security Bulletin HPSBUX02544
  • HP-UX B.11.11
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than C.1.3.5.10
  • OR krb5client.KRB5-PRG-A version is less than C.1.3.5.10
  • OR krb5client.KRB5-RUN-A version is less than C.1.3.5.10
  • OR krb5client.KRB5-SHLIB-A version is less than C.1.3.5.10
  • OR Criteria meets HP Security Bulletin HPSBUX02544
  • HP-UX B.11.31
  • AND filesets tests
  • krb5client.KRB5-64SLIB-A version is less than E.1.6.2.08
  • OR krb5client.KRB5-PRG-A version is less than E.1.6.2.08
  • OR krb5client.KRB5-RUN-A version is less than E.1.6.2.08
  • OR krb5client.KRB5-SHLIB-A version is less than E.1.6.2.08
  • OR krb5client.KRB5IA32SLIB-A version is less than E.1.6.2.08
  • OR krb5client.KRB5IA64SLIB-A version is less than E.1.6.2.08
    • BACK