Vulnerability CVE-2008-0062 - CERT Civis.Net

Vulnerability Name:

CVE-2008-0062 (CCN-41275)

Assigned:

2008-03-18

Published:

2008-03-18

Updated:

2018-10-15

Summary:

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-0062

Source: CCN
Type: Apple Web site
About Security Update 2008-002

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=307562

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-03-18

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:016

Source: HP
Type: UNKNOWN
SSRT100495

Source: CCN
Type: RHSA-2008-0164
Critical: krb5 security and bugfix update

Source: CCN
Type: RHSA-2008-0180
Critical: krb5 security update

Source: CCN
Type: RHSA-2008-0181
Critical: krb5 security update

Source: CCN
Type: RHSA-2008-0182
Critical: krb5 security update

Source: CCN
Type: SA29420
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
29420

Source: SECUNIA
Type: UNKNOWN
29423

Source: SECUNIA
Type: UNKNOWN
29424

Source: CCN
Type: SA29428
Kerberos Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
29428

Source: SECUNIA
Type: UNKNOWN
29435

Source: SECUNIA
Type: UNKNOWN
29438

Source: SECUNIA
Type: UNKNOWN
29450

Source: SECUNIA
Type: UNKNOWN
29451

Source: SECUNIA
Type: UNKNOWN
29457

Source: SECUNIA
Type: UNKNOWN
29462

Source: SECUNIA
Type: UNKNOWN
29464

Source: SECUNIA
Type: UNKNOWN
29516

Source: CCN
Type: SA29663
Novell Kerberos KDC Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
29663

Source: CCN
Type: SA30535
VMware ESX Server Multiple Security Updates

Source: SECUNIA
Type: UNKNOWN
30535

Source: CCN
Type: SECTRACK ID: 1019626
Kerberos KDC Double-Free Bug Lets Remote Users Deny Service, Obtain Information, or Execute Arbitrary Code

Source: CCN
Type: ASA-2008-144
krb5 security update (RHSA-2008-0181)

Source: CCN
Type: ASA-2008-177
krb5 security update (RHSA-2008-0180)

Source: CCN
Type: ASA-2008-178
krb5 security update (RHSA-2008-0182)

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022520.html

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022542.html

Source: CONFIRM
Type: Patch
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt

Source: CCN
Type: MIT krb5 Security Advisory 2008-001
double-free, uninitialized data vulnerabilities in krb5kdc

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2008-0112

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112

Source: DEBIAN
Type: UNKNOWN
DSA-1524

Source: DEBIAN
Type: DSA-1524
krb5 -- several vulnerabilities

Source: CCN
Type: GLSA-200803-31
MIT Kerberos 5: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200803-31

Source: CCN
Type: US-CERT VU#895609
MIT Kerberos krb4-enabled KDC contains multiple vulnerabilities

Source: CERT-VN
Type: US Government Resource
VU#895609

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:069

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:070

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:071

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0164

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0180

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0181

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0182

Source: BUGTRAQ
Type: UNKNOWN
20080318 MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc

Source: BUGTRAQ
Type: UNKNOWN
20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation

Source: BUGTRAQ
Type: UNKNOWN
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

Source: BID
Type: UNKNOWN
28303

Source: CCN
Type: BID-28303
MIT Kerberos 5 KDC Multiple Memory Corruption Based Information Disclosure Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1019626

Source: CCN
Type: TLSA-2008-20
Four vulnerabilities discovered in krb5

Source: CCN
Type: USN-587-1
Kerberos vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-587-1

Source: CCN
Type: VMSA-2008-0009
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2008-0009.html

Source: VUPEN
Type: UNKNOWN
ADV-2008-0922

Source: VUPEN
Type: UNKNOWN
ADV-2008-0924

Source: VUPEN
Type: UNKNOWN
ADV-2008-1102

Source: VUPEN
Type: UNKNOWN
ADV-2008-1744

Source: XF
Type: UNKNOWN
krb5-kdc-code-execution(41275)

Source: XF
Type: UNKNOWN
krb5-kdc-code-execution(41275)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9496

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-2637

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-2647

Source: SUSE
Type: SUSE-SA:2008:016
CUPS heap overflow problem

Vulnerable Configuration:

Configuration 1:

cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*

AND

cpe:/a:mit:kerberos_5:*:*:*:*:*:*:*:* (Version <= 1.6.3_kdc)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:ace:2.0:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:server:1.0.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

OR cpe:/a:vmware:ace:2.0.3:*:*:*:*:*:*:*

OR cpe:/a:vmware:ace:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:ace:2.0.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:server:1.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:fusion:1.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:vmware:server:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:server:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:server:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:vmware:server:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:fusion:1.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:fusion:1.1.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20080062	V	CVE-2008-0062	2022-06-30
oval:org.opensuse.security:def:112519	P	krb5-1.19.2-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:42339	P	Security update for systemd (Moderate)	2022-01-11
oval:org.opensuse.security:def:26183	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:32241	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31717	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:31708	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:31709	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:32219	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:26161	P	Security update for samba (Important)	2021-11-10
oval:org.opensuse.security:def:42136	P	Security update for salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:31283	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:26140	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:106010	P	krb5-1.19.2-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26112	P	Security update for sssd (Important)	2021-08-30
oval:org.opensuse.security:def:31260	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:32175	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:32153	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:31651	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:31209	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:31643	P	Security update for apache2 (Important)	2021-06-17
oval:org.opensuse.security:def:31198	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:31197	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:36165	P	krb5-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36430	P	krb5-devel-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42572	P	krb5-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31632	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:31631	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:26059	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26055	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:26056	P	Security update for curl (Moderate)	2021-05-26
oval:org.opensuse.security:def:31617	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:32085	P	Security update for tomcat (Important)	2021-04-29
oval:org.opensuse.security:def:32896	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:32065	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26214	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:31352	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:33089	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:26200	P	Security update for glibc (Moderate)	2021-02-25
oval:org.opensuse.security:def:31652	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:32114	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:25980	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:25979	P	Security update for xen (Moderate)	2020-12-18
oval:org.opensuse.security:def:32009	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35574	P	krb5-1.6.3-133.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35729	P	krb5-1.6.3-133.48.48.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41981	P	krb5-1.6.3-133.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35932	P	krb5-1.6.3-133.49.54.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25483	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:26291	P	Security update for python-reportlab (Important)	2020-12-01
oval:org.opensuse.security:def:32385	P	Security update for tightvnc (Important)	2020-12-01
oval:org.opensuse.security:def:32694	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25329	P	Security update for spice-gtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:31496	P	Security update for python-imaging	2020-12-01
oval:org.opensuse.security:def:25998	P	Security update for libreoffice (Important)	2020-12-01
oval:org.opensuse.security:def:25558	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31766	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26393	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26694	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25991	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25467	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:26490	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:25767	P	Security update for DirectFB (Important)	2020-12-01
oval:org.opensuse.security:def:26711	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25702	P	Security update for libvpx (Moderate)	2020-12-01
oval:org.opensuse.security:def:31796	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:27163	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25280	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25908	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32500	P	cyrus-imapd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26321	P	Security update for kcoreaddons (Moderate)	2020-12-01
oval:org.opensuse.security:def:25804	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25292	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:31507	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32407	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:25715	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31849	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:26556	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26012	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31042	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:25484	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26574	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25790	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31998	P	Security update for jpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:26658	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26896	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31054	P	Security update for the Linux kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25622	P	Security update for wavpack (Moderate)	2020-12-01
oval:org.opensuse.security:def:31863	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26755	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31400	P	Security update for perl-Archive-Zip (Moderate)	2020-12-01
oval:org.opensuse.security:def:25999	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:31818	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:25126	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:25857	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31951	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:27428	P	krb5-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25482	P	Security update for man (Moderate)	2020-12-01
oval:org.opensuse.security:def:31485	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:32346	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32655	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25201	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31409	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25959	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32451	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:25494	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26344	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:25901	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25410	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:33128	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25686	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:31853	P	Security update for coreutils (Important)	2020-12-01
oval:org.opensuse.security:def:26432	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:26729	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25551	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:31757	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:27128	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31862	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26264	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25755	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31973	P	Security update for jakarta-taglibs-standard (Important)	2020-12-01
oval:org.opensuse.security:def:25281	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:31415	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32539	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25714	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26405	P	Security update for sox (Moderate)	2020-12-01
oval:org.opensuse.security:def:25843	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32857	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25356	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31564	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26539	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25726	P	Security update for python36 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31941	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:26609	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26258	P	Security update for openconnect (Moderate)	2020-12-01
oval:org.opensuse.security:def:31043	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25565	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:31807	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26446	P	Security update for kconfig, kdelibs4 (Important)	2020-12-01
oval:org.opensuse.security:def:31399	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25918	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26697	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26931	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25125	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31128	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:25706	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31912	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27393	P	empathy on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31411	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:32297	P	Security update for procps (Moderate)	2020-12-01
oval:org.opensuse.security:def:32017	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25137	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.mitre.oval:def:17145	P	USN-587-1 -- krb5 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:20288	P	DSA-1524-1 krb5 - multiple vulnerabilities	2014-06-23
oval:org.mitre.oval:def:8094	P	DSA-1524 krb5 -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22707	P	ELSA-2008:0164: krb5 security and bugfix update (Critical)	2014-05-26
oval:org.mitre.oval:def:9496	V	KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.	2013-04-29
oval:com.redhat.rhsa:def:20080164	P	RHSA-2008:0164: krb5 security and bugfix update (Critical)	2008-03-18
oval:com.redhat.rhsa:def:20080180	P	RHSA-2008:0180: krb5 security update (Critical)	2008-03-18
oval:com.redhat.rhsa:def:20080181	P	RHSA-2008:0181: krb5 security update (Critical)	2008-03-18
oval:org.debian:def:1524	V	several vulnerabilities	2008-03-18