Vulnerability CVE-2007-0957 - CERT Civis.Net

Vulnerability Name:

CVE-2007-0957 (CCN-33411)

Assigned:

2007-04-03

Published:

2007-04-03

Updated:

2021-02-02

Summary:

Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.

CVSS v3 Severity:

9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
6.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
6.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: SGI
Type: Broken Link
20070401-01-P

Source: MITRE
Type: CNA
CVE-2007-0957

Source: CCN
Type: Apple Security Update 2007-004
About Security Update 2007-004

Source: CONFIRM
Type: Broken Link
http://docs.info.apple.com/article.html?artnum=305391

Source: CCN
Type: Apple Web site
Apple security updates

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2007-04-19

Source: SUSE
Type: Broken Link
SUSE-SA:2007:025

Source: CCN
Type: RHSA-2007-0095
Critical: krb5 security update

Source: SECUNIA
Type: Third Party Advisory
24706

Source: SECUNIA
Type: Third Party Advisory
24735

Source: SECUNIA
Type: Third Party Advisory
24736

Source: CCN
Type: SA24740
Kerberos Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
24740

Source: SECUNIA
Type: Third Party Advisory
24750

Source: SECUNIA
Type: Third Party Advisory
24757

Source: SECUNIA
Type: Third Party Advisory
24785

Source: SECUNIA
Type: Third Party Advisory
24786

Source: CCN
Type: SA24798
Novell Kerberos KDC "krb5_klog_syslog()" Buffer Overflow

Source: SECUNIA
Type: Third Party Advisory
24798

Source: SECUNIA
Type: Third Party Advisory
24817

Source: CCN
Type: SA24966
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
24966

Source: CCN
Type: SA25464
Sun Solaris Kerberos kadm5 Library Vulnerability

Source: SECUNIA
Type: Third Party Advisory
25464

Source: GENTOO
Type: Third Party Advisory
GLSA-200704-02

Source: CCN
Type: SECTRACK ID: 1017849
Kerberos kadmin/KDC Stack Overflow in krb5_klog_syslog() Lets Remote Authenticated Users Execute Arbitrary Code

Source: CCN
Type: Sun Alert ID: 102930
Security Vulnerability in the Kerberos kadm5 Library May Allow Execution of Arbitrary Code

Source: SUNALERT
Type: Broken Link
102930

Source: CCN
Type: ASA-2007-143
krb5 security update (RHSA-2007-0095)

Source: CCN
Type: ASA-2007-221
Security Vulnerability in the Kerberos kadm5 Library May Allow Execution of Arbitrary Code (Sun 102930)

Source: CCN
Type: MITKRB5-SA-2007-002
KDC, kadmind stack overflow in krb5_klog_syslog

Source: CONFIRM
Type: Patch, Vendor Advisory
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-002-syslog.txt

Source: DEBIAN
Type: Third Party Advisory
DSA-1276

Source: DEBIAN
Type: DSA-1276
krb5 -- several vulnerabilities

Source: CCN
Type: GLSA-200704-02
MIT Kerberos 5: Arbitrary remote code execution

Source: CCN
Type: US-CERT VU#704024
MIT Kerberos 5 administration daemon stack overflow in krb5_klog_syslog()

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#704024

Source: MANDRIVA
Type: Third Party Advisory
MDKSA-2007:077

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0095

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20070403 MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957]

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20070404 rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20070405 FLEA-2007-0008-1: krb5

Source: BID
Type: Third Party Advisory, VDB Entry
23285

Source: CCN
Type: BID-23285
MIT Kerberos 5 KAdminD Server Stack Buffer Overflow Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1017849

Source: CCN
Type: TLSA-2007-24
Three vulnerabilities discovered in krb5

Source: CCN
Type: USN-449-1
krb5 vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-449-1

Source: CERT
Type: Third Party Advisory, US Government Resource
TA07-093B

Source: CERT
Type: Third Party Advisory, US Government Resource
TA07-109A

Source: VUPEN
Type: Third Party Advisory
ADV-2007-1218

Source: VUPEN
Type: Third Party Advisory
ADV-2007-1250

Source: VUPEN
Type: Third Party Advisory
ADV-2007-1470

Source: VUPEN
Type: Third Party Advisory
ADV-2007-1983

Source: XF
Type: Third Party Advisory, VDB Entry
kerberos-krb5klogsyslog-bo(33411)

Source: XF
Type: UNKNOWN
kerberos-krb5klogsyslog-bo(33411)

Source: CCN
Type: iDefense Labs PUBLIC ADVISORY: 04.03.07
Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability

Source: OVAL
Type: Broken Link, Third Party Advisory
oval:org.mitre.oval:def:10757

Source: CCN
Type: Novell Security Alert 3618705
Security Update: KDC and kadmin stack overflow in krb5_klog_syslog

Source: SUSE
Type: SUSE-SA:2007:025
krb5 security problems

Vulnerable Configuration:

Configuration 1:

cpe:/a:mit:kerberos_5:*:*:*:*:*:*:*:* (Version < 1.6.1)

Configuration 2:

cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mit:kerberos_5:1.3:-:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.5:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.4:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.6:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos:5-1.5.4:*:*:*:*:*:*:*

AND

cpe:/o:sun:solaris:8::x86:*:*:*:*:*

OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:sun:solaris:8::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20070957	V	CVE-2007-0957	2022-06-30
oval:org.opensuse.security:def:42341	P	Security update for polkit (Moderate)	2022-02-18
oval:org.opensuse.security:def:112519	P	krb5-1.19.2-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:42339	P	Security update for systemd (Moderate)	2022-01-11
oval:org.opensuse.security:def:32241	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:26183	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:32243	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31719	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:31717	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:31711	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:31710	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:31709	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:31708	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:32219	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:32221	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:26163	P	Security update for bind (Important)	2021-11-11
oval:org.opensuse.security:def:26161	P	Security update for samba (Important)	2021-11-10
oval:org.opensuse.security:def:42138	P	Security update for qemu (Important)	2021-11-03
oval:org.opensuse.security:def:42136	P	Security update for salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:31285	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:31283	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:26140	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:26142	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:106010	P	krb5-1.19.2-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26114	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:31262	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:26112	P	Security update for sssd (Important)	2021-08-30
oval:org.opensuse.security:def:32177	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:31260	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:32175	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:32153	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32155	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:31654	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:31651	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:31645	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:31209	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:31211	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:31643	P	Security update for apache2 (Important)	2021-06-17
oval:org.opensuse.security:def:31200	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-15
oval:org.opensuse.security:def:31199	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:31198	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:32116	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:31197	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:31634	P	Security update for qemu (Important)	2021-06-08
oval:org.opensuse.security:def:42572	P	krb5-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36430	P	krb5-devel-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31633	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:42574	P	krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36165	P	krb5-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31632	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:36167	P	krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31631	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26059	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26055	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:26056	P	Security update for curl (Moderate)	2021-05-26
oval:org.opensuse.security:def:31619	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:31617	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:32087	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:32085	P	Security update for tomcat (Important)	2021-04-29
oval:org.opensuse.security:def:32898	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:32896	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:32067	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:32065	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26216	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:26214	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:31354	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:33091	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:31352	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:33089	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:26202	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:26200	P	Security update for glibc (Moderate)	2021-02-25
oval:org.opensuse.security:def:31653	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:31652	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:32114	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:26061	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:32019	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:25980	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:25979	P	Security update for xen (Moderate)	2020-12-18
oval:org.opensuse.security:def:31566	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:32009	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:32011	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35932	P	krb5-1.6.3-133.49.54.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35576	P	krb5-plugin-kdb-ldap-1.6.3-133.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35934	P	krb5-plugin-kdb-ldap-1.6.3-133.49.54.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41981	P	krb5-1.6.3-133.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35729	P	krb5-1.6.3-133.48.48.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41983	P	krb5-plugin-kdb-ldap-1.6.3-133.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35731	P	krb5-plugin-kdb-ldap-1.6.3-133.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35574	P	krb5-1.6.3-133.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32000	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:31411	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:31417	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31564	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26658	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26711	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27393	P	empathy on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25726	P	Security update for python36 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25688	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:25624	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:25857	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25806	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32387	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26541	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33130	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25127	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31487	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31863	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31796	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:32017	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32539	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31043	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25792	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25999	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:25998	P	Security update for libreoffice (Important)	2020-12-01
oval:org.opensuse.security:def:26258	P	Security update for openconnect (Moderate)	2020-12-01
oval:org.opensuse.security:def:26729	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25281	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:25201	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31851	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:31998	P	Security update for jpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:31914	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31975	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:32657	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31056	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26291	P	Security update for python-reportlab (Important)	2020-12-01
oval:org.opensuse.security:def:26898	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25484	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25294	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25331	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25467	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:32297	P	Security update for procps (Moderate)	2020-12-01
oval:org.opensuse.security:def:32451	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:31400	P	Security update for perl-Archive-Zip (Moderate)	2020-12-01
oval:org.opensuse.security:def:31496	P	Security update for python-imaging	2020-12-01
oval:org.opensuse.security:def:26609	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26432	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:26755	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27163	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25715	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25558	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:25567	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25706	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25755	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32348	P	Security update for sqlite3 (Important)	2020-12-01
oval:org.opensuse.security:def:32409	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:31413	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:31757	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:31818	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:32500	P	cyrus-imapd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31042	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:25728	P	Security update for python-cffi, python-cryptography (Moderate)	2020-12-01
oval:org.opensuse.security:def:25918	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25859	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25959	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26012	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26694	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25280	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25137	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:31853	P	Security update for coreutils (Important)	2020-12-01
oval:org.opensuse.security:def:31865	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31798	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:32541	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31045	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26001	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:26000	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26260	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:26731	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25283	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:25203	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25410	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:32857	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31399	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26321	P	Security update for kcoreaddons (Moderate)	2020-12-01
oval:org.opensuse.security:def:26293	P	Security update for raptor (Important)	2020-12-01
oval:org.opensuse.security:def:26393	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26446	P	Security update for kconfig, kdelibs4 (Important)	2020-12-01
oval:org.opensuse.security:def:27128	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25714	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25494	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25486	P	Security update for openssl-1_1 (Important)	2020-12-01
oval:org.opensuse.security:def:25469	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:25702	P	Security update for libvpx (Moderate)	2020-12-01
oval:org.opensuse.security:def:32299	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32453	P	Security update for xfsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:31402	P	Security update for perl-DBD-mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:31507	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31498	P	Security update for python-numpy (Important)	2020-12-01
oval:org.opensuse.security:def:26434	P	Security update for pdns (Important)	2020-12-01
oval:org.opensuse.security:def:31862	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27165	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25717	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:25560	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:25767	P	Security update for DirectFB (Important)	2020-12-01
oval:org.opensuse.security:def:25708	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25757	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:25843	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:25901	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26574	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25126	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:31766	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31807	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:31820	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:32502	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31044	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25991	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25920	P	Security update for gstreamer-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:25826	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25961	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26014	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26696	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25282	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25139	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31941	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:31855	P	Security update for crash (Low)	2020-12-01
oval:org.opensuse.security:def:31951	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:32694	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31128	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:26264	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26344	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:26490	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:26931	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25483	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:25356	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25412	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25551	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:32859	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31401	P	Security update for perl-DBD-mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:31415	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31409	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26556	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26395	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:26448	P	Security update for phpMyAdmin (Important)	2020-12-01
oval:org.opensuse.security:def:27130	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25716	P	Security update for librsvg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25496	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:25686	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:25622	P	Security update for wavpack (Moderate)	2020-12-01
oval:org.opensuse.security:def:25704	P	Security update for ppp (Important)	2020-12-01
oval:org.opensuse.security:def:25804	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32385	P	Security update for tightvnc (Important)	2020-12-01
oval:org.opensuse.security:def:26539	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33128	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25125	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31485	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:31509	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26697	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31864	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27428	P	krb5-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25790	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25769	P	Security update for gd (Low)	2020-12-01
oval:org.opensuse.security:def:25908	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25912	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25845	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25903	P	Security update for util-linux (Important)	2020-12-01
oval:org.opensuse.security:def:26576	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25128	P	Security update for w3m (Moderate)	2020-12-01
oval:org.opensuse.security:def:31849	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:31768	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31809	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31912	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31973	P	Security update for jakarta-taglibs-standard (Important)	2020-12-01
oval:org.opensuse.security:def:32655	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31054	P	Security update for the Linux kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26896	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25482	P	Security update for man (Moderate)	2020-12-01
oval:org.opensuse.security:def:25292	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:25329	P	Security update for spice-gtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:31943	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:31953	P	Security update for gstreamer-0_10-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:32696	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31130	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:26405	P	Security update for sox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26346	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:26492	P	Security update for icingaweb2 (Important)	2020-12-01
oval:org.opensuse.security:def:26933	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25485	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:25358	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25565	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:25553	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:32346	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32407	P	Security update for wget (Moderate)	2020-12-01
oval:org.mitre.oval:def:18864	P	DSA-1276-1 krb5 - several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22677	P	ELSA-2007:0095: krb5 security update (Critical)	2014-05-26
oval:org.mitre.oval:def:10757	V	Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.	2013-04-29
oval:com.redhat.rhsa:def:20070095	P	RHSA-2007:0095: krb5 security update (Critical)	2008-03-20
oval:org.debian:def:1276	V	several vulnerabilities	2007-04-03