Oval Definition:	oval:org.opensuse.security:def:201717439
Revision Date: 2022-06-30 Version: 1 Title: CVE-2017-17439 Description: In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-17439 Mitre CVE-2017-17439 SUSE CVE-2017-17439 openSUSE-SU-2017:3268-1 openSUSE-SU-2018:2376-1 Platform(s): openSUSE Leap 42.2 openSUSE Leap 42.3 openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE Leap 42.2 is installed AND Package Information libheimdal-7.4.0-2.6.1 is installed AND libheimdal is signed with openSUSE key OR libheimdal-devel-7.4.0-2.6.1 is installed AND libheimdal-devel is signed with openSUSE key Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information libheimdal-7.5.0-9 is installed AND libheimdal is signed with openSUSE key OR libheimdal-devel-7.5.0-9 is installed AND libheimdal-devel is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND Package Information libheimdal-7.7.0-1.11 is installed OR libheimdal-devel-7.7.0-1.11 is installed
BACK