Oval Definition:	oval:org.mitre.oval:tst:30237
Comment: krb5 is earlier than 0:1.2.7-28 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:14120 State: oval:org.mitre.oval:ste:9635 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:10014 V The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. 2013-04-29 oval:org.mitre.oval:def:10267 V Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. 2013-04-29 oval:org.mitre.oval:def:10709 V Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. 2013-04-29
BACK