Vulnerabilites related to mit - kerberos
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "05857121-8827-45FD-886F-4269E0336036", vulnerable: true, }, { criteria: "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", matchCriteriaId: "344610A8-DB6D-4407-9304-916C419F648C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", matchCriteriaId: "B7EC2B95-4715-4EC9-A10A-2542501F8A61", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", matchCriteriaId: "64775BEF-2E53-43CA-8639-A7E54F6F4222", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.", }, ], id: "CVE-2000-0389", lastModified: "2024-11-20T23:32:23.580", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-05-16T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/1220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/1220", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 1.0 | |
mit | kerberos | 1.0.8 | |
mit | kerberos | 1.2.2.beta1 | |
mit | kerberos_5 | 1.0 | |
mit | kerberos_5 | 1.0.6 | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2.1 | |
mit | kerberos_5 | 1.2.2 | |
mit | kerberos_5 | 1.2.3 | |
mit | kerberos_5 | 1.2.4 | |
mit | kerberos_5 | 1.2.5 | |
mit | kerberos_5 | 1.2.6 | |
mit | kerberos_5 | 1.2.7 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3.3 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
sun | seam | 1.0 | |
sun | seam | 1.0.1 | |
sun | seam | 1.0.2 | |
tinysofa | tinysofa_enterprise_server | 1.0 | |
tinysofa | tinysofa_enterprise_server | 1.0_u1 | |
sun | solaris | 8.0 | |
sun | solaris | 9.0 | |
sun | solaris | 9.0 | |
sun | sunos | 5.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", matchCriteriaId: "ACC18A69-28AC-4DED-AA9D-B050709A9D43", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "85336612-6B0A-46B0-B2E2-FF60A4D4DD01", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*", matchCriteriaId: "D65D5B46-F8BD-41C4-86F2-D495F1EB4F47", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "E8973E93-0BBE-4BD3-9983-F6480FFEA228", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", matchCriteriaId: "BE8C0C82-749E-4837-88F8-FB56A753B094", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*", matchCriteriaId: "4EA5E4B3-AD02-4E87-822B-8A6C91DA65FA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*", matchCriteriaId: "1A0B70C1-476D-4FAF-BA96-CB3EB32B7BC5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8AD672FA-918D-48CB-BC03-4E412AF0DCCC", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "74EF42A5-EC47-4475-81D6-FD1E9C2B8A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "30F2CBEF-6FA1-4E07-8163-6AFEDC93FCE5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "D133CB0D-8A54-4DAA-9FE8-0B367544DE65", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "7B2C23BD-1995-4F09-B444-87DDDE21817E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "EEF118BE-6351-4768-A3F0-DFE0065273D9", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", matchCriteriaId: "7F01A83F-3BD1-4DED-979A-B4B6B23039FD", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", matchCriteriaId: "6B1422F8-CC87-46EA-8649-A12D6E47335D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "F953CEBA-BAC0-48DF-A3D0-1FABCC9963E2", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:sun:seam:1.0:*:*:*:*:*:*:*", matchCriteriaId: "401CA0B3-2C25-4E6A-B0A0-C5AC4E69F14A", vulnerable: true, }, { criteria: "cpe:2.3:a:sun:seam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "111DAAB7-2309-4951-85F1-866D2D532528", vulnerable: true, }, { criteria: "cpe:2.3:a:sun:seam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CD6C1EDF-259A-4DE1-9E43-35671FBA9662", vulnerable: true, }, { criteria: "cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0:*:*:*:*:*:*:*", matchCriteriaId: "A407E66E-FC1D-45E8-81C7-126472F5E7B3", vulnerable: true, }, { criteria: "cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0_u1:*:*:*:*:*:*:*", matchCriteriaId: "83A54042-FC1E-4DE9-BA3A-8839131E32BC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", matchCriteriaId: "1894C542-AA81-40A9-BF47-AE24C93C1ACB", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", matchCriteriaId: "A711CDC2-412C-499D-9FA6-7F25B06267C6", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", matchCriteriaId: "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", matchCriteriaId: "A2475113-CFE4-41C8-A86F-F2DA6548D224", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.", }, { lang: "es", value: "Múltiples desbordamientos de búfer en krb5_aname_to_localname en MIT Kerberos 5 (krb5) 1.3.3 y anteriores permite a atacantes remtos ejecutar código de su elección como root", }, ], id: "CVE-2004-0523", lastModified: "2024-11-20T23:48:46.973", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-08-18T04:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { source: "cve@mitre.org", url: "http://lwn.net/Articles/88206/", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108612325909496&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108619161815320&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108619250923790&w=2", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-520", }, { source: "cve@mitre.org", url: "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/686862", }, { source: "cve@mitre.org", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-236.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/10448", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lwn.net/Articles/88206/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108612325909496&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108619161815320&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108619250923790&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2004/dsa-520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/686862", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-236.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/10448", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.6.3 | |
mit | kerberos_5 | 1.6 | |
mit | kerberos_5 | 1.6.1 | |
mit | kerberos_5 | 1.6.2 | |
mit | kerberos_5 | 1.7 | |
mit | kerberos_5 | 1.7.1 | |
mit | kerberos_5 | 1.8 | |
mit | kerberos_5 | 1.8.1 | |
mit | kerberos_5 | 1.8.2 | |
mit | kerberos_5 | 1.8.3 | |
mit | kerberos_5 | 1.9 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "032730AE-1E53-4CA2-96FD-AD60CD27F3CA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", matchCriteriaId: "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "73BB258E-51CF-4D12-836B-BCEA587A3F5F", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", matchCriteriaId: "36823B2B-5C72-4FF3-9301-FB263EB8CE09", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "59AFA33E-FEBC-45F5-9EC6-8AA363163FB5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "04D83332-B2FD-4E86-A76C-C3F1CD3B3A31", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "758A0011-20ED-414A-9DF3-50A161DF8BC2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", matchCriteriaId: "86738633-C081-4440-9F75-A775D6DF2228", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \\n sequence.", }, { lang: "es", value: "La implementación unparse en el Key Distribution Center (KDC) de MIT Kerberos v5 (también conocido como krb5) v1.6.x a v1.9, cuando se usa un backend LDAP, permite a atacantes remotos provocar una denegación de servicio (agotamiento de descriptor de archivo y bloqueo del demonio) a través de un nombre principal que desencadena el uso de una secuencia de escape barra diagonal inversa, como se demuestra por una secuencia de \\n.", }, ], id: "CVE-2011-0281", lastModified: "2024-11-21T01:23:41.997", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-02-10T18:00:55.237", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { source: "cve@mitre.org", url: "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43260", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43273", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43275", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/46397", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/8073", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/46265", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1025037", }, { source: "cve@mitre.org", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2011/0464", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/46397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/8073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/46265", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1025037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:4:*:*:*:*:*:*:*", matchCriteriaId: "45E4C7CB-044F-47C6-AB40-9D3542CB6326", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and \"ticket splicing.\"", }, { lang: "es", value: "Ciertas debilidades en la implementación de la versión 4 del protocolo Kerberos (krb4) en la distribución krb5, cuando se usan claves triple-DES para serviciso clave krb4, permite a un atacante crear tiques para principales no autorizados usando un ataque de \"cortar y pegar\" y \"empalme de tiques\".", }, ], id: "CVE-2003-0139", lastModified: "2024-11-20T23:44:04.003", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-03-24T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2003/dsa-266", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2003/dsa-273", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/442569", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/317130/30/25250/threaded", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A250", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2003/dsa-266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2003/dsa-273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/442569", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/317130/30/25250/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A250", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 1.0 | |
mit | kerberos | 1.2.2.beta1 | |
mit | kerberos_5 | 1.0.6 | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2.1 | |
mit | kerberos_5 | 1.2.2 | |
mit | kerberos_5 | 1.2.3 | |
mit | kerberos_5 | 1.2.4 | |
mit | kerberos_5 | 1.2.5 | |
mit | kerberos_5 | 1.2.6 | |
mit | kerberos_5 | 1.2.7 | |
mit | kerberos_5 | 1.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", matchCriteriaId: "ACC18A69-28AC-4DED-AA9D-B050709A9D43", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*", matchCriteriaId: "D65D5B46-F8BD-41C4-86F2-D495F1EB4F47", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "E8973E93-0BBE-4BD3-9983-F6480FFEA228", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", matchCriteriaId: "BE8C0C82-749E-4837-88F8-FB56A753B094", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8AD672FA-918D-48CB-BC03-4E412AF0DCCC", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "74EF42A5-EC47-4475-81D6-FD1E9C2B8A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "30F2CBEF-6FA1-4E07-8163-6AFEDC93FCE5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "D133CB0D-8A54-4DAA-9FE8-0B367544DE65", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "7B2C23BD-1995-4F09-B444-87DDDE21817E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "EEF118BE-6351-4768-A3F0-DFE0065273D9", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", matchCriteriaId: "6B1422F8-CC87-46EA-8649-A12D6E47335D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka \"buffer underrun\").", }, { lang: "es", value: "El KDC (Centro de Distribución de Claves) en Kerberos 5 (krb5) 1.2.7 y anteriores, permite a atacantes remotos autentificados, causar la Denegación de Servicios (caída) en KDCs dentro del mismo dominio utilizando cierta petición de protocolo que produce la corrupción de la pila del KDC (también conocida como 'buffer underrun').", }, ], id: "CVE-2003-0082", lastModified: "2024-11-20T23:43:54.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-04-02T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-266", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/7185", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A244", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2536", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/7185", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2536", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4430", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.5.4 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3.1 | |
mit | kerberos_5 | 1.3.2 | |
mit | kerberos_5 | 1.3.3 | |
mit | kerberos_5 | 1.3.4 | |
mit | kerberos_5 | 1.3.5 | |
mit | kerberos_5 | 1.3.6 | |
mit | kerberos_5 | 1.4 | |
mit | kerberos_5 | 1.4.1 | |
mit | kerberos_5 | 1.4.2 | |
mit | kerberos_5 | 1.4.3 | |
mit | kerberos_5 | 1.4.4 | |
mit | kerberos_5 | 1.5 | |
mit | kerberos_5 | 1.5.1 | |
mit | kerberos_5 | 1.5.2 | |
mit | kerberos_5 | 1.5.3 | |
mit | kerberos_5 | 1.6 | |
mit | kerberos_5 | 1.6.1 | |
mit | kerberos_5 | 1.6.2 | |
mit | kerberos_5 | 1.7 | |
mit | kerberos_5 | 1.7.1 | |
mit | kerberos_5 | 1.8 | |
mit | kerberos_5 | 1.8.1 | |
mit | kerberos_5 | 1.8.2 | |
mit | kerberos_5 | 1.8.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "5029A563-699D-4D65-8E94-01E44FD8EF01", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", matchCriteriaId: "7F01A83F-3BD1-4DED-979A-B4B6B23039FD", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", matchCriteriaId: "6B1422F8-CC87-46EA-8649-A12D6E47335D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "ACEB5A36-8F72-417A-AC92-149612EC7BCB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "7B8704B5-F37B-4C61-A924-3774A29BFEB3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "F953CEBA-BAC0-48DF-A3D0-1FABCC9963E2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "ED81A044-8A7B-4EEF-A4B3-EA49D76FAAED", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "30AA5727-BD83-45CF-B308-BA5F8A577B9D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "0E088E64-6FBD-4148-8F78-506364B7BB1E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", matchCriteriaId: "52F0EECF-7787-442B-9888-D22F7D36C3DE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "EF344AED-BE00-4A9B-A9DE-C6FB0BEE4617", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "567406CA-58D8-453E-B36E-6D1D2EFC8EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "7830E03F-A813-4E35-893E-BF27395CEFB3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "7764411E-C056-4696-822E-235F2620FAC4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", matchCriteriaId: "4DD315AE-868B-4061-BF01-CDBF59B02499", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B639DD5F-71C7-4D9B-BA5C-51CAF64140B6", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2B904DCE-D59F-45C7-A814-DE42CF02792D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9957FE9E-1E89-4C27-852C-44F866A1834E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", matchCriteriaId: "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "73BB258E-51CF-4D12-836B-BCEA587A3F5F", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", matchCriteriaId: "36823B2B-5C72-4FF3-9301-FB263EB8CE09", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "59AFA33E-FEBC-45F5-9EC6-8AA363163FB5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "04D83332-B2FD-4E86-A76C-C3F1CD3B3A31", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "758A0011-20ED-414A-9DF3-50A161DF8BC2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.", }, { lang: "es", value: "MIT Kerberos 5 (también conocido como krb5) v1.3.x, v1.4.x, v1.5.x, v1.6.x, v1.7.x, y v1.8.x hasta v1.8.3 no determina correctamente la aceptabilidad de las sumas de comprobación, lo que podría permitir a un atacante remoto modificar el user-visible prompt text, modificar una respuesta para el KDC (Key Distribution Center) o falsificar un mensaje KRB-SAFE mediante ciertas sumas de comprobación que (1) están sin clave o (2) usan claves RC4.", }, ], id: "CVE-2010-1323", lastModified: "2024-11-21T01:14:08.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2010-12-02T16:22:20.847", references: [ { source: "cve@mitre.org", url: "http://kb.vmware.com/kb/1035108", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html", }, { source: "cve@mitre.org", url: "http://lists.vmware.com/pipermail/security-announce/2011/000133.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "cve@mitre.org", url: "http://osvdb.org/69610", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/42399", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/42420", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/42436", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/43015", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/46397", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT4581", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2010/dsa-2129", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2010-0925.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2010-0926.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/514953/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/517739/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/45118", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1024803", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-1030-1", }, { source: "cve@mitre.org", url: "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", }, { source: "cve@mitre.org", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/3094", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/3095", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/3101", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/3118", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2011/0187", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kb.vmware.com/kb/1035108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.vmware.com/pipermail/security-announce/2011/000133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/69610", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/42399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/42420", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/42436", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/43015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/46397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT4581", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2010/dsa-2129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0925.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0926.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/514953/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/517739/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/45118", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1024803", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1030-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/3094", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/3095", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/3101", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/3118", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | Broken Link | |
cve@mitre.org | http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | Broken Link | |
cve@mitre.org | http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | Patch, Vendor Advisory | |
cve@mitre.org | http://www.cert.org/advisories/CA-2000-11.html | Third Party Advisory, US Government Resource | |
cve@mitre.org | http://www.securityfocus.com/bid/1338 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2000-11.html | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1338 | Third Party Advisory, VDB Entry |
Vendor | Product | Version | |
---|---|---|---|
cygnus_network_security_project | cygnus_network_security | - | |
kerbnet_project | kerbnet | - | |
mit | kerberos | * | |
mit | kerberos | 4.0 | |
mit | kerberos | 4.0 | |
mit | kerberos_5 | * | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus_network_security_project:cygnus_network_security:-:*:*:*:*:*:*:*", matchCriteriaId: "F324E654-8799-45DE-8ECA-779D33033CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:kerbnet_project:kerbnet:-:*:*:*:*:*:*:*", matchCriteriaId: "A69B5EEC-B360-4F74-839C-1E4909C71126", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", matchCriteriaId: "83B5C118-EB9E-4CA1-B27A-5D245E334E27", versionEndExcluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:-:*:*:*:*:*:*", matchCriteriaId: "14393125-C495-47AF-ACC9-EF739A606DAB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:patch10:*:*:*:*:*:*", matchCriteriaId: "C7EDE7F6-5216-40F3-8C31-C3544CDFFBEF", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", matchCriteriaId: "EC79658F-1838-40CA-AFB1-3E2B43E339CB", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.", }, ], id: "CVE-2000-0546", lastModified: "2024-11-20T23:32:44.983", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-06-09T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/1338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/1338", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.6.3 | |
mit | kerberos_5 | - | |
mit | kerberos_5 | 1.5 | |
mit | kerberos_5 | 1.5.1 | |
mit | kerberos_5 | 1.5.2 | |
mit | kerberos_5 | 1.5.3 | |
mit | kerberos_5 | 1.6 | |
mit | kerberos_5 | 1.6.1 | |
mit | kerberos_5 | 1.6.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "032730AE-1E53-4CA2-96FD-AD60CD27F3CA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*", matchCriteriaId: "589D7E39-A243-49F9-8F67-4B9E92AE87DF", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", matchCriteriaId: "4DD315AE-868B-4061-BF01-CDBF59B02499", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B639DD5F-71C7-4D9B-BA5C-51CAF64140B6", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2B904DCE-D59F-45C7-A814-DE42CF02792D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9957FE9E-1E89-4C27-852C-44F866A1834E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", matchCriteriaId: "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "73BB258E-51CF-4D12-836B-BCEA587A3F5F", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.", }, { lang: "es", value: "La función get_input_token en la implementación SPNEGO de MIT Kerberos 5 (también conocido como krb5) v1.5 hasta v1.6.3 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente obtener información sensible a través de un valor length modificado que dispara una sobrescritura del búfer.", }, ], id: "CVE-2009-0844", lastModified: "2024-11-21T01:01:02.553", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-04-09T00:30:00.250", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34594", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34617", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34622", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34628", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34630", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34637", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34640", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34734", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/35074", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT3549", }, { source: "cve@mitre.org", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { source: "cve@mitre.org", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { source: "cve@mitre.org", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { source: "cve@mitre.org", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { source: "cve@mitre.org", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/34408", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1021867", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/usn-755-1", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/0960", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/0976", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1057", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1106", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1297", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/2248", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6339", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9474", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34617", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34628", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34630", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34734", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/35074", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT3549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/34408", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1021867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/usn-755-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0960", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1297", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/2248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6339", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.6.3 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3.1 | |
mit | kerberos_5 | 1.3.2 | |
mit | kerberos_5 | 1.3.3 | |
mit | kerberos_5 | 1.3.4 | |
mit | kerberos_5 | 1.3.5 | |
mit | kerberos_5 | 1.3.6 | |
mit | kerberos_5 | 1.4 | |
mit | kerberos_5 | 1.4.1 | |
mit | kerberos_5 | 1.4.2 | |
mit | kerberos_5 | 1.4.3 | |
mit | kerberos_5 | 1.4.4 | |
mit | kerberos_5 | 1.5 | |
mit | kerberos_5 | 1.5.1 | |
mit | kerberos_5 | 1.5.2 | |
mit | kerberos_5 | 1.5.3 | |
mit | kerberos_5 | 1.6 | |
mit | kerberos_5 | 1.6.1 | |
mit | kerberos_5 | 1.6.2 | |
mit | kerberos_5 | 1.7 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "032730AE-1E53-4CA2-96FD-AD60CD27F3CA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", matchCriteriaId: "7F01A83F-3BD1-4DED-979A-B4B6B23039FD", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "ACEB5A36-8F72-417A-AC92-149612EC7BCB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "7B8704B5-F37B-4C61-A924-3774A29BFEB3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "F953CEBA-BAC0-48DF-A3D0-1FABCC9963E2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "ED81A044-8A7B-4EEF-A4B3-EA49D76FAAED", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "30AA5727-BD83-45CF-B308-BA5F8A577B9D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "0E088E64-6FBD-4148-8F78-506364B7BB1E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", matchCriteriaId: "52F0EECF-7787-442B-9888-D22F7D36C3DE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "EF344AED-BE00-4A9B-A9DE-C6FB0BEE4617", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "567406CA-58D8-453E-B36E-6D1D2EFC8EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "7830E03F-A813-4E35-893E-BF27395CEFB3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "7764411E-C056-4696-822E-235F2620FAC4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", matchCriteriaId: "4DD315AE-868B-4061-BF01-CDBF59B02499", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B639DD5F-71C7-4D9B-BA5C-51CAF64140B6", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2B904DCE-D59F-45C7-A814-DE42CF02792D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9957FE9E-1E89-4C27-852C-44F866A1834E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", matchCriteriaId: "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "73BB258E-51CF-4D12-836B-BCEA587A3F5F", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.", }, { lang: "es", value: "Múltiples vulnerabilidades de desbordamiento de entero en la funcionalidad de desencriptado AES y RC4 en la biblioteca crypto en MIT Kerberos 5 (también conocido comokrb5) v1.3 a la v1.6.3, y 1.7 anterior a v1.7.1, permite a atacantes remotos provocar una denegación de servición (caída de demonio) o posiblemente la ejecución de código de su elección facilitando texto cifrado (ciphertext) con un tamaño menor al válido.", }, ], evaluatorImpact: "Per: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt\r\n\r\n\r\n\"Only releases krb5-1.3 and later are vulnerable, as\r\nearlier releases did not contain the functionality implemented by the\r\nvulnerable code.\r\n\r\nThis is an implementation vulnerability in MIT krb5, and is not a\r\nvulnerability in the Kerberos protocol.\"", evaluatorSolution: "Per: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt\r\n\r\n\r\nFIXES\r\n=====\r\n\r\n* The upcoming krb5-1.7.1 and krb5-1.6.4 releases will contain a fix\r\n for this vulnerability.\r\n\r\n* For the krb5-1.7 release, apply the patch available at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt\r\n\r\n A PGP-signed patch is available at\r\n\r\n http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt.asc\r\n\r\n\r\n* For the krb5-1.6 releases, apply the patch available at:\r\n\r\n http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt\r\n\r\n A PGP-signed patch is available at\r\n\r\n http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt.asc\r\n\r\n* The krb5-1.6.3 patch might apply successfully to older releases.\r\n", id: "CVE-2009-4212", lastModified: "2024-11-21T01:09:10.027", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-01-13T19:30:00.607", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38080", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38108", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38126", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38140", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38184", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38203", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38696", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/40220", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT4188", }, { source: "cve@mitre.org", url: "http://support.avaya.com/css/P8/documents/100074869", }, { source: "cve@mitre.org", url: "http://ubuntu.com/usn/usn-881-1", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2010/dsa-1969", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/37749", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1023440", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/0096", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/0129", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/1481", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=545015", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192", }, { source: "cve@mitre.org", url: "https://rhn.redhat.com/errata/RHSA-2010-0029.html", }, { source: "cve@mitre.org", url: "https://rhn.redhat.com/errata/RHSA-2010-0095.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38126", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38203", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38696", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/40220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT4188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/css/P8/documents/100074869", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ubuntu.com/usn/usn-881-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2010/dsa-1969", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/37749", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1023440", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/0096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/0129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/1481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=545015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://rhn.redhat.com/errata/RHSA-2010-0029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://rhn.redhat.com/errata/RHSA-2010-0095.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
mit | kerberos | 5-1.8 | |
mit | kerberos | 5-1.10.5 | |
mit | kerberos | 5-1.10.6 | |
mit | kerberos | 5-1.10.7 | |
mit | kerberos_5 | 1.7 | |
mit | kerberos_5 | 1.7.1 | |
mit | kerberos_5 | 1.8 | |
mit | kerberos_5 | 1.8.1 | |
mit | kerberos_5 | 1.8.2 | |
mit | kerberos_5 | 1.8.3 | |
mit | kerberos_5 | 1.8.4 | |
mit | kerberos_5 | 1.8.5 | |
mit | kerberos_5 | 1.8.6 | |
mit | kerberos_5 | 1.9 | |
mit | kerberos_5 | 1.9.1 | |
mit | kerberos_5 | 1.9.2 | |
mit | kerberos_5 | 1.9.3 | |
mit | kerberos_5 | 1.9.4 | |
mit | kerberos_5 | 1.10 | |
mit | kerberos_5 | 1.10.1 | |
mit | kerberos_5 | 1.10.2 | |
mit | kerberos_5 | 1.10.3 | |
mit | kerberos_5 | 1.10.4 | |
mit | kerberos_5 | 1.11 | |
mit | kerberos_5 | 1.11.1 | |
mit | kerberos_5 | 1.11.2 | |
mit | kerberos_5 | 1.11.3 | |
mit | kerberos_5 | 1.11.4 | |
mit | kerberos_5 | 1.12 | |
mit | kerberos_5 | 1.12.1 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", matchCriteriaId: "932A9238-B5F1-440B-92B8-1CD17A2CC274", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", matchCriteriaId: "42238DD3-2CFB-4F88-9CB6-A2B6F71DBB9D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "B8D48B3D-DE6C-47DA-8002-659AED084A04", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "DB845405-97B7-4609-A61E-68C5CCD374EA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", matchCriteriaId: "36823B2B-5C72-4FF3-9301-FB263EB8CE09", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "59AFA33E-FEBC-45F5-9EC6-8AA363163FB5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "04D83332-B2FD-4E86-A76C-C3F1CD3B3A31", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "758A0011-20ED-414A-9DF3-50A161DF8BC2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "7768AED0-AE4C-4D4E-8D5D-5B618AB82966", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "534104C5-966E-4740-A354-4F6C210FF25B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "78AF5659-C0E3-49C4-9CA7-FC3917C8AC49", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", matchCriteriaId: "86738633-C081-4440-9F75-A775D6DF2228", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", matchCriteriaId: "C7BCFFEE-EA7A-4F26-97AA-31128A179745", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", matchCriteriaId: "91A2D7F5-EBDE-4000-AC78-8DD6472E685A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", matchCriteriaId: "8E92BFA5-723E-4843-A8D8-BC1D32F34569", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", matchCriteriaId: "34C27198-9B55-42FB-AA21-D8B4EB60D926", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", matchCriteriaId: "FC504264-A9E9-4433-B7AA-6D5015A93FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "77FA352F-520C-4C05-AD52-FC8586DB16B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9FFB18F7-CB08-4AE4-9DEC-55D047819A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "637E858A-7C16-490C-99A8-F46440E5F504", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "22840B84-2EA4-4E96-A8D8-154AAEADB806", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", matchCriteriaId: "2D554BDC-CD7D-4572-B1E8-5F627F2C5916", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "65BCD38A-33AD-4FD7-AF5B-8470B24C4139", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E11F9209-799A-428B-9513-DBD0F19C7BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "1DA40FAA-B858-4282-8438-247E99FBB002", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "65795542-D886-46C4-8ECB-4630078DF66A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", matchCriteriaId: "79A9FAE9-7219-4D6A-9E94-FFE20223537D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "EA68BC90-FCFC-4C9B-8574-9029DB2358E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3C84489B-B08C-4854-8A12-D01B6E45CF79", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.", }, { lang: "es", value: "MIT Kerberos 5 (también conocido como krb5) 1.7.x hasta 1.12.x anterior a 1.12.2 permite a atacantes remotos causar una denegación de servicio (sobrelectura de buffer o referencia a puntero nulo y caída de aplicación) mediante la inyección de tokens inválidos en una sesión de la aplicación GSSAPI.", }, ], id: "CVE-2014-4342", lastModified: "2024-11-21T02:10:00.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-07-20T11:12:50.870", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/59102", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/60082", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/68908", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1030706", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/59102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/60082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/68908", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1030706", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.6.3 | |
mit | kerberos_5 | 1.6 | |
mit | kerberos_5 | 1.6.1 | |
mit | kerberos_5 | 1.6.2 | |
mit | kerberos_5 | 1.7 | |
mit | kerberos_5 | 1.7.1 | |
mit | kerberos_5 | 1.8 | |
mit | kerberos_5 | 1.8.1 | |
mit | kerberos_5 | 1.8.2 | |
mit | kerberos_5 | 1.8.3 | |
mit | kerberos_5 | 1.9 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "032730AE-1E53-4CA2-96FD-AD60CD27F3CA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", matchCriteriaId: "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "73BB258E-51CF-4D12-836B-BCEA587A3F5F", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", matchCriteriaId: "36823B2B-5C72-4FF3-9301-FB263EB8CE09", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "59AFA33E-FEBC-45F5-9EC6-8AA363163FB5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "04D83332-B2FD-4E86-A76C-C3F1CD3B3A31", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "758A0011-20ED-414A-9DF3-50A161DF8BC2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", matchCriteriaId: "86738633-C081-4440-9F75-A775D6DF2228", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.", }, { lang: "es", value: "El Key Distribution Center (KDC) en MIT Kerberos 5 (también conocido como krb5) v1.6.x hasta v1.9 cuando un se utiliza un backend LDAP, permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero nulo o sobre-lectura, y caída de demonio) a través de un nombre principal manipulada.", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n'CWE-476: NULL Pointer Dereference'", id: "CVE-2011-0282", lastModified: "2024-11-21T01:23:42.163", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-02-10T18:00:55.287", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43260", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43273", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43275", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/46397", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/8073", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/46271", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1025037", }, { source: "cve@mitre.org", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2011/0464", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/43275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/46397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/8073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/46271", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1025037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 1.0 | |
mit | kerberos | 1.2.2.beta1 | |
mit | kerberos_5 | 1.0.6 | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2.1 | |
mit | kerberos_5 | 1.2.2 | |
mit | kerberos_5 | 1.2.3 | |
mit | kerberos_5 | 1.2.4 | |
mit | kerberos_5 | 1.2.5 | |
mit | kerberos_5 | 1.2.6 | |
mit | kerberos_5 | 1.2.7 | |
mit | kerberos_5 | 1.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", matchCriteriaId: "ACC18A69-28AC-4DED-AA9D-B050709A9D43", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*", matchCriteriaId: "D65D5B46-F8BD-41C4-86F2-D495F1EB4F47", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "E8973E93-0BBE-4BD3-9983-F6480FFEA228", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", matchCriteriaId: "BE8C0C82-749E-4837-88F8-FB56A753B094", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8AD672FA-918D-48CB-BC03-4E412AF0DCCC", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "74EF42A5-EC47-4475-81D6-FD1E9C2B8A3C", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "30F2CBEF-6FA1-4E07-8163-6AFEDC93FCE5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "D133CB0D-8A54-4DAA-9FE8-0B367544DE65", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "7B2C23BD-1995-4F09-B444-87DDDE21817E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "EEF118BE-6351-4768-A3F0-DFE0065273D9", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", matchCriteriaId: "6B1422F8-CC87-46EA-8649-A12D6E47335D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka \"array overrun\").", }, { lang: "es", value: "El KDC (Centro de Distribución de Claves) en Kerberos 5 (krb5) 1.2.7 y anteriores, permite a atacantes remotos autentificados, causar la Denegación de Servicios (por caída) en KDCs dentro del mismo dominio utilizando cierta petición de protocolo que causa una lectura fuera de límites en un array (también conocido como 'array overrun').", }, ], id: "CVE-2003-0072", lastModified: "2024-11-20T23:43:52.947", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-04-02T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-266", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/7184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/7184", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "05857121-8827-45FD-886F-4269E0336036", vulnerable: true, }, { criteria: "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", matchCriteriaId: "344610A8-DB6D-4407-9304-916C419F648C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", matchCriteriaId: "B7EC2B95-4715-4EC9-A10A-2542501F8A61", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", matchCriteriaId: "64775BEF-2E53-43CA-8639-A7E54F6F4222", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.", }, ], id: "CVE-2000-0390", lastModified: "2024-11-20T23:32:23.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-05-16T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/4884", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/1220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/4884", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/1220", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.8 | |
mit | kerberos_5 | 1.7 | |
mit | kerberos_5 | 1.7.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.8:alpha:*:*:*:*:*:*", matchCriteriaId: "40089B12-0277-487D-AC68-5400A0DAF013", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.", }, { lang: "es", value: "El Key Distribution Center (KDC) en MIT Kerberos 5 (también conocido como krb5) v1.7 anterior a v1.7.2, y 1.8 alpha, permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y caída del demonio) a través de peticiones (1) AS-REQ o (2) TGS-REQ inválidas.", }, ], id: "CVE-2010-0283", lastModified: "2024-11-21T01:11:54.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-02-22T13:00:02.750", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38598", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/39023", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/40220", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1023593", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT4188", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/509553/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/38260", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-916-1", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/1481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38598", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/39023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/40220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1023593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT4188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/509553/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/38260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-916-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/1481", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Not vulnerable. This issue did not affect the versions of MIT Kerberos 5 as shipped with Red Hat Enterprise Linux 3, 4 or 5. Those versions do not contain the vulnerable code that was introduced in krb5 1.7.", lastModified: "2010-02-22T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", matchCriteriaId: "5E2AA956-6CB6-4981-B363-6E051E7A6441", versionEndIncluding: "5-1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function \"strlen\" is getting a \"NULL\" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.", }, { lang: "es", value: "Se ha descubierto un problema en MIT Kerberos 5 (también conocido como krb5) hasta la versión 1.16. La función predefinida \"strlen\" tiene una cadena \"NULL\" como valor de parámetro en plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c en el Key Distribution Center (KDC), lo que permite que usuarios autenticados remotos provoquen una denegación de servicio (desreferencia de puntero NULL) mediante un cliente kadmin modificado.", }, ], id: "CVE-2018-5710", lastModified: "2024-11-21T04:09:13.177", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-16T09:29:00.530", references: [ { source: "cve@mitre.org", url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service%28DoS%29", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service%28DoS%29", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.10.5 | |
mit | kerberos | 5-1.10.6 | |
mit | kerberos | 5-1.10.7 | |
mit | kerberos_5 | 1.10 | |
mit | kerberos_5 | 1.10.1 | |
mit | kerberos_5 | 1.10.2 | |
mit | kerberos_5 | 1.10.3 | |
mit | kerberos_5 | 1.10.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", matchCriteriaId: "42238DD3-2CFB-4F88-9CB6-A2B6F71DBB9D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "B8D48B3D-DE6C-47DA-8002-659AED084A04", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "DB845405-97B7-4609-A61E-68C5CCD374EA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", matchCriteriaId: "FC504264-A9E9-4433-B7AA-6D5015A93FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "77FA352F-520C-4C05-AD52-FC8586DB16B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9FFB18F7-CB08-4AE4-9DEC-55D047819A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "637E858A-7C16-490C-99A8-F46440E5F504", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "22840B84-2EA4-4E96-A8D8-154AAEADB806", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.", }, { lang: "es", value: "Un módulo de base de datos de terceros sin especificar para Key Distribution Center (KDC) en MIT Kerberos 5 (también conocido como krb5) 1.10.x permite a usuarios remotos autenticados provocar una denegación de servicio (referencia a puntero NULL y cierre del demonio) a través de una petición manipulada, una vulnerabilidad diferente a CVE-2013-1418.", }, ], evaluatorComment: "CWE-476: NULL Pointer Dereference per http://cwe.mitre.org/data/definitions/476.html", id: "CVE-2013-6800", lastModified: "2024-11-21T01:59:43.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-18T02:55:10.063", references: [ { source: "cve@mitre.org", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/63770", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/63770", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cygnus_network_security_project | cygnus_network_security | - | |
kerbnet_project | kerbnet | - | |
mit | kerberos | * | |
mit | kerberos | 4.0 | |
mit | kerberos | 4.0 | |
mit | kerberos_5 | * | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus_network_security_project:cygnus_network_security:-:*:*:*:*:*:*:*", matchCriteriaId: "F324E654-8799-45DE-8ECA-779D33033CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:kerbnet_project:kerbnet:-:*:*:*:*:*:*:*", matchCriteriaId: "A69B5EEC-B360-4F74-839C-1E4909C71126", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", matchCriteriaId: "83B5C118-EB9E-4CA1-B27A-5D245E334E27", versionEndExcluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:-:*:*:*:*:*:*", matchCriteriaId: "14393125-C495-47AF-ACC9-EF739A606DAB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:patch10:*:*:*:*:*:*", matchCriteriaId: "C7EDE7F6-5216-40F3-8C31-C3544CDFFBEF", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", matchCriteriaId: "EC79658F-1838-40CA-AFB1-3E2B43E339CB", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.", }, ], id: "CVE-2000-0548", lastModified: "2024-11-20T23:32:45.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-06-09T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.osvdb.org/4875", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.osvdb.org/4875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | Broken Link | |
cve@mitre.org | http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | Broken Link | |
cve@mitre.org | http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | Patch, Vendor Advisory | |
cve@mitre.org | http://www.cert.org/advisories/CA-2000-11.html | Third Party Advisory, US Government Resource | |
cve@mitre.org | http://www.securityfocus.com/bid/1338 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2000-11.html | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1338 | Third Party Advisory, VDB Entry |
Vendor | Product | Version | |
---|---|---|---|
cygnus_network_security_project | cygnus_network_security | - | |
kerbnet_project | kerbnet | - | |
mit | kerberos | * | |
mit | kerberos | 4.0 | |
mit | kerberos | 4.0 | |
mit | kerberos_5 | * | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus_network_security_project:cygnus_network_security:-:*:*:*:*:*:*:*", matchCriteriaId: "F324E654-8799-45DE-8ECA-779D33033CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:kerbnet_project:kerbnet:-:*:*:*:*:*:*:*", matchCriteriaId: "A69B5EEC-B360-4F74-839C-1E4909C71126", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", matchCriteriaId: "83B5C118-EB9E-4CA1-B27A-5D245E334E27", versionEndExcluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:-:*:*:*:*:*:*", matchCriteriaId: "14393125-C495-47AF-ACC9-EF739A606DAB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:patch10:*:*:*:*:*:*", matchCriteriaId: "C7EDE7F6-5216-40F3-8C31-C3544CDFFBEF", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", matchCriteriaId: "EC79658F-1838-40CA-AFB1-3E2B43E339CB", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.", }, ], id: "CVE-2000-0547", lastModified: "2024-11-20T23:32:45.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-06-09T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/1338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/1338", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 4 | |
mit | kerberos_5 | 1.5.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:4:*:*:*:*:*:*:*", matchCriteriaId: "45E4C7CB-044F-47C6-AB40-9D3542CB6326", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2B904DCE-D59F-45C7-A814-DE42CF02792D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.", }, ], id: "CVE-2001-0417", lastModified: "2024-11-20T23:35:19.247", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2001-06-27T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2001-025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2001-025.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", matchCriteriaId: "5E2AA956-6CB6-4981-B363-6E051E7A6441", versionEndIncluding: "5-1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry->n_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", }, { lang: "es", value: "Se ha descubierto un problema en MIT Kerberos 5 (también conocido como krb5) hasta la versión 1.16. Hay una variable \"dbentry->n_key_data\" en kadmin/dbutil/dump.c que puede almacenar datos en 16 bits pero, sin saberlo, el desarrollador le ha asignado una variable \"u4\", que es para datos en 32 bits. Un atacante puede emplear esta vulnerabilidad para afectar a otros artefactos de la base de datos, ya que se sabe que un archivo de volcado de base de datos de Kerberos contiene datos fiables.", }, ], id: "CVE-2018-5709", lastModified: "2024-11-21T04:09:13.037", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-16T09:29:00.500", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:v:*:*:*:*:*:*:*", matchCriteriaId: "0DB38284-7E3B-4D2C-A147-D9B3898E31A0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.", }, ], id: "CVE-1999-1321", lastModified: "2024-11-20T23:30:50.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "1998-11-05T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/4883", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/4883", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5-1.6.3 | |
mit | kerberos_5 | 1.5 | |
mit | kerberos_5 | 1.5.1 | |
mit | kerberos_5 | 1.5.2 | |
mit | kerberos_5 | 1.5.3 | |
mit | kerberos_5 | 1.6 | |
mit | kerberos_5 | 1.6.1 | |
mit | kerberos_5 | 1.6.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "032730AE-1E53-4CA2-96FD-AD60CD27F3CA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", matchCriteriaId: "4DD315AE-868B-4061-BF01-CDBF59B02499", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B639DD5F-71C7-4D9B-BA5C-51CAF64140B6", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "2B904DCE-D59F-45C7-A814-DE42CF02792D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9957FE9E-1E89-4C27-852C-44F866A1834E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", matchCriteriaId: "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "73BB258E-51CF-4D12-836B-BCEA587A3F5F", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.", }, { lang: "es", value: "La función spnego_gss_accept_sec_context en lib/gssapi/spnego/spnego_mech.c en MIT Kerberos 5 (conocido como krb5) v.1.6.3, cuando se utiliza SPNEGO, permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída de la aplicación) mediante datos \"ContextFlags\" inválidos en el campo \"reqFlags\" en el token negTokenInit.", }, ], id: "CVE-2009-0845", lastModified: "2024-11-21T01:01:02.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-03-27T16:30:02.157", references: [ { source: "cve@mitre.org", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34347", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34594", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34617", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34622", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34628", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34630", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34637", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34640", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34734", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/35074", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/spnego/spnego_mech.c?r1=21875&r2=22084", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://src.mit.edu/fisheye/changelog/krb5/?cs=22084", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT3549", }, { source: "cve@mitre.org", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { source: "cve@mitre.org", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { source: "cve@mitre.org", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { source: "cve@mitre.org", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { source: "cve@mitre.org", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:082", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/34257", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1021867", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/usn-755-1", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0847", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/0976", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1057", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1106", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1297", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49448", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10044", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6449", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34617", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34628", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34630", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34734", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/35074", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/spnego/spnego_mech.c?r1=21875&r2=22084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://src.mit.edu/fisheye/changelog/krb5/?cs=22084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT3549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/34257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1021867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/usn-755-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0847", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1297", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49448", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", matchCriteriaId: "772E9557-A371-4664-AE2D-4135AAEB89AA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", matchCriteriaId: "6E4D8269-B407-4C24-AAB0-02F885C7D752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.13.7:*:*:*:*:*:*:*", matchCriteriaId: "B58B2F8D-83F5-46E0-B0DE-FEC2B0706CC7", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", matchCriteriaId: "DFB1190E-BE7A-4C6B-862D-D5747C64E980", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "4B09C090-B842-43C7-B8A6-DBF63D80FEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", matchCriteriaId: "36823B2B-5C72-4FF3-9301-FB263EB8CE09", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", matchCriteriaId: "59AFA33E-FEBC-45F5-9EC6-8AA363163FB5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", matchCriteriaId: "04D83332-B2FD-4E86-A76C-C3F1CD3B3A31", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", matchCriteriaId: "758A0011-20ED-414A-9DF3-50A161DF8BC2", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", matchCriteriaId: "7768AED0-AE4C-4D4E-8D5D-5B618AB82966", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", matchCriteriaId: "534104C5-966E-4740-A354-4F6C210FF25B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", matchCriteriaId: "78AF5659-C0E3-49C4-9CA7-FC3917C8AC49", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", matchCriteriaId: "86738633-C081-4440-9F75-A775D6DF2228", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", matchCriteriaId: "C7BCFFEE-EA7A-4F26-97AA-31128A179745", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", matchCriteriaId: "91A2D7F5-EBDE-4000-AC78-8DD6472E685A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", matchCriteriaId: "8E92BFA5-723E-4843-A8D8-BC1D32F34569", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", matchCriteriaId: "34C27198-9B55-42FB-AA21-D8B4EB60D926", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", matchCriteriaId: "FC504264-A9E9-4433-B7AA-6D5015A93FF3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "77FA352F-520C-4C05-AD52-FC8586DB16B1", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "9FFB18F7-CB08-4AE4-9DEC-55D047819A0A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "637E858A-7C16-490C-99A8-F46440E5F504", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "22840B84-2EA4-4E96-A8D8-154AAEADB806", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", matchCriteriaId: "2D554BDC-CD7D-4572-B1E8-5F627F2C5916", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", matchCriteriaId: "65BCD38A-33AD-4FD7-AF5B-8470B24C4139", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", matchCriteriaId: "E11F9209-799A-428B-9513-DBD0F19C7BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", matchCriteriaId: "1DA40FAA-B858-4282-8438-247E99FBB002", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", matchCriteriaId: "65795542-D886-46C4-8ECB-4630078DF66A", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", matchCriteriaId: "D0A4C436-C3D7-469E-8895-8EEC9569EE86", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", matchCriteriaId: "79A9FAE9-7219-4D6A-9E94-FFE20223537D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "EA68BC90-FCFC-4C9B-8574-9029DB2358E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "9D0A28CB-173D-4676-B083-E3718213B840", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", matchCriteriaId: "AA3D2861-7EB7-4984-AC92-989B427BDB58", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", matchCriteriaId: "169D00BD-344F-453C-BE7C-9DF0740080BB", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", matchCriteriaId: "765B3248-A524-4A79-858C-E787C1C1599E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", matchCriteriaId: "BF1BB0AB-2C22-49F9-9D2A-074D2F711BA8", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", matchCriteriaId: "C8EC001E-9507-410D-836F-93002789D574", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*", matchCriteriaId: "0037EF80-A599-4938-889F-9276E339A8E0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*", matchCriteriaId: "1CABFE58-4811-49EC-8565-35EB7D5F6F4C", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", matchCriteriaId: "6E30B176-1FE5-4C53-8B79-2E6D87DF05B3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", matchCriteriaId: "EC81822F-DC8C-4889-AD53-33216B66A109", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", matchCriteriaId: "C1B23EE0-35EB-46FC-8620-AC0059498D9B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", matchCriteriaId: "70831CB8-695D-45E8-A829-2E888823E8A5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", matchCriteriaId: "E650B5A3-99CA-491B-A1FB-259EF548D92E", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", matchCriteriaId: "091F3C51-980E-482F-9882-0A555A8F74BC", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*", matchCriteriaId: "A00BDDDC-3D5D-4D63-A8D8-63BF2F4C7329", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*", matchCriteriaId: "42505BC2-12A0-43E9-8561-80270D7CA74D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*", matchCriteriaId: "AF0496EF-F0F9-4A5D-92F4-E50C5F3DCA12", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*", matchCriteriaId: "79EEC80F-9E4F-4A6D-BB8D-6AB7764AD8E3", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*", matchCriteriaId: "DB427FE4-CC39-43EE-A27B-69C5B18056FA", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*", matchCriteriaId: "14A2F0C0-91E0-4DD9-851E-67CE8A5EAE0B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*", matchCriteriaId: "C1770120-B3B2-4B5A-9785-162399A47989", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.", }, { lang: "es", value: "En MIT Kerberos 5 (también llamado krb5) en versiones 1.7 y posteriores, un atacante autenticado puede provocar un error de aserción KDC mediante el envío de peticiones S4U2Self o S4U2Proxy no válidas.", }, ], id: "CVE-2017-11368", lastModified: "2024-11-21T03:07:39.977", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-08-09T18:29:01.450", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100291", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2018:0666", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/100291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:0666", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "05857121-8827-45FD-886F-4269E0336036", vulnerable: true, }, { criteria: "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", matchCriteriaId: "344610A8-DB6D-4407-9304-916C419F648C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", matchCriteriaId: "B7EC2B95-4715-4EC9-A10A-2542501F8A61", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", matchCriteriaId: "64775BEF-2E53-43CA-8639-A7E54F6F4222", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.", }, ], id: "CVE-2000-0391", lastModified: "2024-11-20T23:32:23.877", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-05-16T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/4876", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/1220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/4876", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/1220", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "032730AE-1E53-4CA2-96FD-AD60CD27F3CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.", }, { lang: "es", value: "La función asnbuf_imbed en el decodificador ASN.1 en MIT Kerberos 5 (también conocido como krb5) v1.6.3 cuando se usa PK-INIT, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un valor length modificado que provoca una llamada malloc errónea, relativo a cálculo erróneos con punto aritmético.", }, ], id: "CVE-2009-0847", lastModified: "2024-11-21T01:01:03.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-04-09T00:30:00.280", references: [ { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34594", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34617", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34622", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34628", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34637", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34640", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34734", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/35074", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT3549", }, { source: "cve@mitre.org", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { source: "cve@mitre.org", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { source: "cve@mitre.org", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { source: "cve@mitre.org", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { source: "cve@mitre.org", url: "http://www.kb.cert.org/vuls/id/662091", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/34408", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1021993", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/usn-755-1", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/0960", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/0976", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1057", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1106", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/1297", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/2084", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/2248", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6387", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34617", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34628", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34734", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/35074", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT3549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.kb.cert.org/vuls/id/662091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/34408", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1021993", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/usn-755-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0960", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/1297", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/2084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/2248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Not vulnerable. This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.", lastModified: "2009-04-09T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 5_1.13 | |
mit | kerberos_5 | 1.12 | |
mit | kerberos_5 | 1.12.1 | |
mit | kerberos_5 | 1.12.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:5_1.13:*:*:*:*:*:*:*", matchCriteriaId: "867316AC-64F2-437A-9A83-EBA0F92C6786", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", matchCriteriaId: "79A9FAE9-7219-4D6A-9E94-FFE20223537D", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "EA68BC90-FCFC-4C9B-8574-9029DB2358E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "9D0A28CB-173D-4676-B083-E3718213B840", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin \"add_principal -nokey\" or \"purgekeys -all\" command.", }, { lang: "es", value: "plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c en MIT Kerberos 5 (también conocido como krb5) 1.12.x y 1.13.x anterior a 1.13.1, cuando el KDC utiliza LDAP, permite a usuarios remotos autenticados causar una denegación de servicio (referencia a puntero nulo y caída del demonio) mediante la creación de una entrada de la base de datos para un principal sin clave, tal y como fur demostrado por un comando kadmin 'add_principal -nokey' o 'purgekeys -all'.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/476.html\">CWE-476: NULL Pointer Dereference</a>", id: "CVE-2014-5354", lastModified: "2024-11-21T02:11:54.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-16T23:59:01.247", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/71680", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1031376", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2498-1", }, { source: "cve@mitre.org", url: "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/71680", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1031376", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2498-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:4:*:*:*:*:*:*:*", matchCriteriaId: "45E4C7CB-044F-47C6-AB40-9D3542CB6326", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.", }, { lang: "es", value: "La versión 4 del protocolo Kerberos (kbr4) permite a un atacante impersonar a cualquier principal en un dominio (realm) mediante un ataque de texto plano elegido.", }, ], id: "CVE-2003-0138", lastModified: "2024-11-20T23:44:03.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-03-24T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-266", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2003/dsa-269", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2003/dsa-273", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/623217", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/7113", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.debian.org/security/2003/dsa-266", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2003/dsa-269", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2003/dsa-273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/623217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/7113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A248", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", matchCriteriaId: "ACC18A69-28AC-4DED-AA9D-B050709A9D43", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", matchCriteriaId: "BE8C0C82-749E-4837-88F8-FB56A753B094", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8AD672FA-918D-48CB-BC03-4E412AF0DCCC", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB", vulnerable: true, }, { criteria: "cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*", matchCriteriaId: "5B3630EB-0966-49C2-9B59-368E5374A1C2", vulnerable: true, }, { criteria: "cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*", matchCriteriaId: "62B7A341-D568-45DD-B4D7-18892DD19819", vulnerable: true, }, { criteria: "cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*", matchCriteriaId: "65D5FAF4-4AE0-4657-B71A-3F3870E36192", vulnerable: true, }, { criteria: "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", matchCriteriaId: "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", matchCriteriaId: "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "63236405-1F33-43DD-ACF7-B6D9656E0987", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "34797660-41F5-4358-B70F-2A40DE48F182", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*", matchCriteriaId: "F25E27BA-F884-456B-9600-A4A0B8877A6F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "27C9E23D-AB82-4AE1-873E-C5493BB96AA1", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", matchCriteriaId: "4054D69F-596F-4EB4-BE9A-E2478343F55A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", matchCriteriaId: "CA26ABBE-9973-45FA-9E9B-82170B751219", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "7891202C-62AF-4590-9E5F-3514FDA2B38E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*", matchCriteriaId: "CF4F7002-A525-4A66-BE8B-E50ABBF144B2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "BF8F9B2F-E898-4F87-A245-32A41748587B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", matchCriteriaId: "183667CA-6DF1-4BFB-AE32-9ABF55B7283A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*", matchCriteriaId: "FE799983-DF99-428E-B560-321680C85A75", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F1156954-25AD-45BE-AE49-9705ECD5BDA2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", matchCriteriaId: "EBDDEC3F-52EB-4E1E-84C4-B472600059EC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", matchCriteriaId: "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", matchCriteriaId: "314BA420-4C74-4060-8ACE-D7A7C041CF2B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", matchCriteriaId: "2EAD7613-A5B3-4621-B981-290C7C6B8BA0", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*", matchCriteriaId: "8ED84E66-CFD9-4DF8-9679-13457D340D54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EE38C50A-81FE-412E-9717-3672FAE6A6F4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*", matchCriteriaId: "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", matchCriteriaId: "263F3734-7076-4EA8-B4C0-F37CFC4E979E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", matchCriteriaId: "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "B982342C-1981-4C55-8044-AFE4D87623DF", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "47E02BE6-4800-4940-B269-385B66AC5077", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*", matchCriteriaId: "0EB09993-B837-4352-B09D-3656F62638A8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", matchCriteriaId: "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*", matchCriteriaId: "0361EA35-FBD7-4E8F-8625-C8100ED7BB7C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*", matchCriteriaId: "29EAA113-2404-4ABB-826B-3AA2AA858D02", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", matchCriteriaId: "D0A585A1-FF82-418F-90F8-072458DB7816", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", matchCriteriaId: "E3F7EB61-55A5-4776-B0E7-3508920A6CEA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", matchCriteriaId: "A442DE97-4485-4D95-B95D-58947585E455", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AE31DFF8-06AB-489D-A0C5-509C090283B5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", matchCriteriaId: "DF49BF03-C25E-4737-84D5-892895C86C58", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", matchCriteriaId: "D2019E0E-426B-43AF-8904-1B811AE171E8", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", matchCriteriaId: "11ACD012-F05F-45CD-A170-96CBAA42FFE4", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "55919E74-09E7-44BA-9941-D1B69BB1692F", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "465B06C4-136D-4CD8-BA38-B6B50511624C", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*", matchCriteriaId: "BCB23261-D5A9-4C49-B08E-97A63ED6F84A", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*", matchCriteriaId: "9DF613C9-DC4A-45F0-BEE1-8450762B0089", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*", matchCriteriaId: "441CEF2E-9687-4930-8536-B8B83018BD28", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*", matchCriteriaId: "55DD3C82-0B7D-4B25-B603-AD6C6D59239A", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", matchCriteriaId: "7CBA1B13-B378-4F13-BD13-EC58F15F5C81", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "B8C8CAB1-2D8C-4875-A795-41178D48410F", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*", matchCriteriaId: "C422E343-ADF2-427D-865D-B5C35431EFD1", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "1C288A88-11C6-429E-A109-0395D0989264", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "516C6D9A-7483-4E36-A2E0-42698161AD31", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "B1F89124-E194-4C7A-B06D-8535B4066AA3", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*", matchCriteriaId: "E10D9BF9-FCC7-4680-AD3A-95757FC005EA", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "78E8C3A4-9FA7-4F2A-8C65-D4404715E674", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*", matchCriteriaId: "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*", matchCriteriaId: "5CB726CF-ADA2-4CDA-9786-1E84AC53740A", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*", matchCriteriaId: "1FC373FC-88AC-4B6D-A289-51881ACD57F7", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", matchCriteriaId: "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", matchCriteriaId: "FEBE290B-5EC6-4BBA-B645-294C150E417A", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", matchCriteriaId: "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", matchCriteriaId: "0DF053A1-C252-427E-9EEF-27240F422976", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", matchCriteriaId: "48A9C344-45AA-47B9-B35A-1A62E220D9C6", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", matchCriteriaId: "80EB24F0-46A7-481B-83ED-8BB012AE0C8E", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", matchCriteriaId: "34EBF074-78C8-41AF-88F1-DA6726E56F8B", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", matchCriteriaId: "C1370216-93EB-400F-9AA6-CB2DC316DAA7", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", matchCriteriaId: "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", matchCriteriaId: "84523B48-218B-45F4-9C04-2C103612DCB2", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", matchCriteriaId: "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", matchCriteriaId: "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", matchCriteriaId: "5B72953B-E873-4E44-A3CF-12D770A0D416", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "39F847DB-65A9-47DA-BCFA-A179E5E2301A", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", matchCriteriaId: "08003947-A4F1-44AC-84C6-9F8D097EB759", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", matchCriteriaId: "A2475113-CFE4-41C8-A86F-F2DA6548D224", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", matchCriteriaId: "58B90124-0543-4226-BFF4-13CCCBCCB243", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.", }, ], id: "CVE-2001-0554", lastModified: "2024-11-20T23:35:38.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2001-08-14T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/advisories/3476", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/archive/1/199496", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/archive/1/199541", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/archive/1/203000", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2001-21.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2001/dsa-070", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2001/dsa-075", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.osvdb.org/809", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2001-099.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2001-100.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/archive/1/197804", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/3064", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/advisories/3476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/archive/1/199496", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/archive/1/199541", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://online.securityfocus.com/archive/1/203000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2001-21.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2001/dsa-070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2001/dsa-075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.osvdb.org/809", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2001-099.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2001-100.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/archive/1/197804", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/3064", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cygnus | cygnus_network_security | 4.0 | |
cygnus | kerbnet | 5.0 | |
mit | kerberos | 4.0 | |
mit | kerberos_5 | 1.0 | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "05857121-8827-45FD-886F-4269E0336036", vulnerable: true, }, { criteria: "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.", }, ], id: "CVE-2000-0549", lastModified: "2024-11-20T23:32:45.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-06-09T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "cve@mitre.org", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "cve@mitre.org", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", matchCriteriaId: "47D60B1D-E4D9-4FF8-8C98-7ACCF81D3F24", versionEndExcluding: "5-1.17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.", }, { lang: "es", value: "Se ha descubierto un problema de aserción alcanzable en el KDC en MIT Kerberos 5 (también conocido como krb5), en versiones anteriores a la 1.17. Si un atacante puede obtener un ticket krbtgt mediante un tipo de cifrado más antiguo (DES, Triple DES o RC4), este puede provocar el cierre inesperado de KDC realizando una petición S4U2Self.", }, ], id: "CVE-2018-20217", lastModified: "2024-11-21T04:01:06.130", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-26T21:29:02.543", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190416-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190416-0006/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-617", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 4.0 | |
mit | kerberos_5 | - | |
process_software | multinet | 3.4 | |
process_software | multinet | 3.5 | |
sun | sunos | 5.3 | |
sun | sunos | 5.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*", matchCriteriaId: "589D7E39-A243-49F9-8F67-4B9E92AE87DF", vulnerable: true, }, { criteria: "cpe:2.3:a:process_software:multinet:3.4:*:*:*:*:*:*:*", matchCriteriaId: "6DBE0C33-2F14-474B-B6E9-4415BDFDE179", vulnerable: true, }, { criteria: "cpe:2.3:a:process_software:multinet:3.5:*:*:*:*:*:*:*", matchCriteriaId: "9F83D69E-4B23-4049-A521-BBDD27DB39EC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", matchCriteriaId: "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", vulnerable: true, }, { criteria: "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", matchCriteriaId: "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.", }, ], id: "CVE-1999-0143", lastModified: "2024-11-20T23:27:57.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "1996-02-21T05:00:00.000", references: [ { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cygnus | cygnus_network_security | 4.0 | |
cygnus | kerbnet | 5.0 | |
mit | kerberos | 4.0 | |
mit | kerberos_5 | 1.0 | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "05857121-8827-45FD-886F-4269E0336036", vulnerable: true, }, { criteria: "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7A37987D-22F9-47AC-A07A-380F7E509BFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Kerberos 4 KDC program improperly frees memory twice (aka \"double-free\"), which allows remote attackers to cause a denial of service.", }, ], id: "CVE-2000-0550", lastModified: "2024-11-20T23:32:45.573", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-06-09T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "cve@mitre.org", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "cve@mitre.org", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/1465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/1465", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "05857121-8827-45FD-886F-4269E0336036", vulnerable: true, }, { criteria: "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", matchCriteriaId: "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", matchCriteriaId: "08FA60A9-10E1-4ACD-819C-17801FAD7671", vulnerable: true, }, { criteria: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", matchCriteriaId: "344610A8-DB6D-4407-9304-916C419F648C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", matchCriteriaId: "B7EC2B95-4715-4EC9-A10A-2542501F8A61", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", matchCriteriaId: "64775BEF-2E53-43CA-8639-A7E54F6F4222", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.", }, ], id: "CVE-2000-0392", lastModified: "2024-11-20T23:32:24.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2000-05-16T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/1220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/1220", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
var-201407-0461
Vulnerability from variot
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a program to crash, resulting in denial-of-service conditions. Versions prior to Kerberos 1.12.2 are vulnerable.
CVE-2014-4343
An unauthenticated remote attacker with the ability to spoof packets
appearing to be from a GSSAPI acceptor can cause a double-free
condition in GSSAPI initiators (clients) which are using the SPNEGO
mechanism, by returning a different underlying mechanism than was
proposed by the initiator.
CVE-2014-4344
An unauthenticated or partially authenticated remote attacker can
cause a NULL dereference and application crash during a SPNEGO
negotiation by sending an empty token as the second or later context
token from initiator to acceptor.
For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2.
For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. ========================================================================== Ubuntu Security Notice USN-2310-1 August 11, 2014
krb5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Kerberos. This issue only affected Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2014-4344)
Tomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon incorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: krb5-admin-server 1.12+dfsg-2ubuntu4.2 krb5-kdc 1.12+dfsg-2ubuntu4.2 krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2 krb5-otp 1.12+dfsg-2ubuntu4.2 krb5-pkinit 1.12+dfsg-2ubuntu4.2 krb5-user 1.12+dfsg-2ubuntu4.2 libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2 libgssrpc4 1.12+dfsg-2ubuntu4.2 libk5crypto3 1.12+dfsg-2ubuntu4.2 libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2 libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2 libkdb5-7 1.12+dfsg-2ubuntu4.2 libkrad0 1.12+dfsg-2ubuntu4.2 libkrb5-3 1.12+dfsg-2ubuntu4.2 libkrb5support0 1.12+dfsg-2ubuntu4.2
Ubuntu 12.04 LTS: krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5 krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5 krb5-user 1.10+dfsg~beta1-2ubuntu0.5 libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5 libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5 libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5 libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5 libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5 libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5
Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.13 krb5-kdc 1.8.1+dfsg-2ubuntu0.13 krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13 krb5-pkinit 1.8.1+dfsg-2ubuntu0.13 krb5-user 1.8.1+dfsg-2ubuntu0.13 libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13 libgssrpc4 1.8.1+dfsg-2ubuntu0.13 libk5crypto3 1.8.1+dfsg-2ubuntu0.13 libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13 libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13 libkdb5-4 1.8.1+dfsg-2ubuntu0.13 libkrb5-3 1.8.1+dfsg-2ubuntu0.13 libkrb5support0 1.8.1+dfsg-2ubuntu0.13
In general, a standard system update will make all the necessary changes. The verification of md5 checksums and GPG signatures is performed automatically for you.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.13 >= 1.13
Description
Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.13"
References
[ 1 ] CVE-2014-4341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4341 [ 2 ] CVE-2014-4343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4343 [ 3 ] CVE-2014-4345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345 [ 4 ] CVE-2014-5351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5351
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-53.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. (CVE-2014-4341)
This update also fixes the following bugs:
-
Prior to this update, the libkrb5 library occasionally attempted to free already freed memory when encrypting credentials. As a consequence, the calling process terminated unexpectedly with a segmentation fault. With this update, libkrb5 frees memory correctly, which allows the credentials to be encrypted appropriately and thus prevents the mentioned crash. (BZ#1004632)
-
Previously, when the krb5 client library was waiting for a response from a server, the timeout variable in certain cases became a negative number. Consequently, the client could enter a loop while checking for responses. With this update, the client logic has been modified and the described error no longer occurs. After installing the updated packages, the krb5kdc daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: krb5 security, bug fix and enhancement update Advisory ID: RHSA-2015:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html Issue date: 2015-03-05 CVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 =====================================================================
- Summary:
Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)
A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345)
A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352)
If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421)
It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)
An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423)
Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)
Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352.
The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including:
-
Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts.
-
When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995)
This update also fixes multiple bugs, for example:
- The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102)
In addition, this update adds various enhancements. Among others:
-
Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)
-
Solution:
All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
ppc64: krb5-debuginfo-1.12.2-14.el7.ppc.rpm krb5-debuginfo-1.12.2-14.el7.ppc64.rpm krb5-devel-1.12.2-14.el7.ppc.rpm krb5-devel-1.12.2-14.el7.ppc64.rpm krb5-libs-1.12.2-14.el7.ppc.rpm krb5-libs-1.12.2-14.el7.ppc64.rpm krb5-pkinit-1.12.2-14.el7.ppc64.rpm krb5-server-1.12.2-14.el7.ppc64.rpm krb5-server-ldap-1.12.2-14.el7.ppc64.rpm krb5-workstation-1.12.2-14.el7.ppc64.rpm
s390x: krb5-debuginfo-1.12.2-14.el7.s390.rpm krb5-debuginfo-1.12.2-14.el7.s390x.rpm krb5-devel-1.12.2-14.el7.s390.rpm krb5-devel-1.12.2-14.el7.s390x.rpm krb5-libs-1.12.2-14.el7.s390.rpm krb5-libs-1.12.2-14.el7.s390x.rpm krb5-pkinit-1.12.2-14.el7.s390x.rpm krb5-server-1.12.2-14.el7.s390x.rpm krb5-server-ldap-1.12.2-14.el7.s390x.rpm krb5-workstation-1.12.2-14.el7.s390x.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-4341 https://access.redhat.com/security/cve/CVE-2014-4342 https://access.redhat.com/security/cve/CVE-2014-4343 https://access.redhat.com/security/cve/CVE-2014-4344 https://access.redhat.com/security/cve/CVE-2014-4345 https://access.redhat.com/security/cve/CVE-2014-5352 https://access.redhat.com/security/cve/CVE-2014-5353 https://access.redhat.com/security/cve/CVE-2014-9421 https://access.redhat.com/security/cve/CVE-2014-9422 https://access.redhat.com/security/cve/CVE-2014-9423 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi gZD8EL2lSaLXnIQxca8zLTg= =aK0y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)
These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0461", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "enterprise linux workstation", scope: "eq", trust: 1.6, vendor: "redhat", version: "7.0", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "7.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "20", }, { model: "enterprise linux server eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.4", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.4", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "enterprise linux server eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "enterprise linux tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.4", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "enterprise linux server eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "enterprise linux tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.5", }, { model: "kerberos 5", scope: "lt", trust: 1, vendor: "mit", version: "1.12.2", }, { model: "enterprise linux tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux server eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "5 1.12", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.6, vendor: "redhat", version: "7.0", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "3.0", }, { model: "big-ip wom hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip gtm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip webaccelerator hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip gtm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1", }, { model: "big-ip link controller hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "one-x client enablement services sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-iq device", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip asm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.3", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.3", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "aura system platform sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip ltm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.4", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura application server sip core", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "big-ip ltm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip webaccelerator hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.0", }, { model: "meeting exchange", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.0.3", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12.1", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.4", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.40", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.4", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip ltm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip link controller hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.14", }, { model: "big-ip link controller hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.3", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "aura application server sip core pb23", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip asm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "meeting exchange", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.11", }, { model: "big-ip ltm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "message networking", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.2", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.4", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip gtm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.13", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip ltm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip analytics hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.2", }, { model: "big-ip gtm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.2", }, { model: "big-ip link controller hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "big-iq device", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura communication manager utility services sp", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.16.1.0.9.8", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.6", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip ltm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.5", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "big-ip asm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.4.0.15", }, { model: "big-ip psm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip gtm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip psm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "big-ip asm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "cms r17", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "power hmc", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.8.2.0", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "7", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.4", }, { model: "aura application server sip core pb28", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "big-ip link controller hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip edge gateway hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "big-ip webaccelerator hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip wom hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "big-ip link controller hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip edge gateway hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.5.0.15", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip psm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "big-ip webaccelerator hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "6.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.0", }, { model: "aura system manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip wom hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip analytics 11.0.0-hf2", scope: null, trust: 0.3, vendor: "f5", version: null, }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip afm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.3", }, { model: "aura session manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "one-x client enablement services sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "big-ip asm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.3", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.2", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "big-ip analytics hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip analytics hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.0", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.8.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "5", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.3", }, { model: "big-ip psm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.9.3", }, { model: "aura application server sip core pb19", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1x8664", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "5.3", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.10", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.7", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.3", }, { model: "big-ip asm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.2", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip link controller hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "big-ip gtm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "big-ip link controller hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "power hmc", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.8.1.0", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "aura application server sip core pb3", scope: "eq", trust: 0.3, vendor: "avaya", version: "53003.0", }, { model: "big-ip wom hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "aura application server sip core pb26", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.12", }, { model: "big-ip asm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.1", }, { model: "big-ip analytics hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip gtm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.1", }, { model: "big-ip webaccelerator hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip gtm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "aura system manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip link controller hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura system manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip asm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2", }, { model: "big-ip psm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.5", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.9", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "aura application server sip core pb5", scope: "eq", trust: 0.3, vendor: "avaya", version: "53003.0", }, { model: "big-ip apm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura session manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip analytics hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip psm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "proactive contact", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "centos", scope: "eq", trust: 0.3, vendor: "centos", version: "5", }, { model: "big-ip asm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.8", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.4", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "big-ip webaccelerator hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura conferencing standard edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1.0.9", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura application server sip core", scope: "eq", trust: 0.3, vendor: "avaya", version: "53003.0", }, { model: "aura application server sip core pb25", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1", }, { model: "big-ip analytics hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0.00", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip asm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3", }, { model: "aura system manager sp3", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip ltm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "aura system platform sp3", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip analytics hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.2", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.3", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip psm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "aura system platform sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip gtm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip ltm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.1", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "proactive contact", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip analytics hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.5", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.0.9.8", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "7.1", }, { model: "aura application server sip core pb16", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.1", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "kerberos", scope: "ne", trust: 0.3, vendor: "mit", version: "51.12.2", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0.00", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip link controller hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip gtm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5", }, { model: "big-ip psm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.1.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.1", }, { model: "aura messaging sp4", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.0", }, { model: "big-ip pem hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip edge gateway hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.7", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.4", }, { model: "aura application server sip core", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "big-ip psm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.4", }, ], sources: [ { db: "BID", id: "68909", }, { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "NVD", id: "CVE-2014-4341", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.12.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-4341", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Greg Hudson", sources: [ { db: "BID", id: "68909", }, ], trust: 0.3, }, cve: "CVE-2014-4341", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2014-4341", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-4341", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201407-512", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "NVD", id: "CVE-2014-4341", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause a program to crash, resulting in denial-of-service conditions. \nVersions prior to Kerberos 1.12.2 are vulnerable. \n\nCVE-2014-4343\n\n An unauthenticated remote attacker with the ability to spoof packets\n appearing to be from a GSSAPI acceptor can cause a double-free\n condition in GSSAPI initiators (clients) which are using the SPNEGO\n mechanism, by returning a different underlying mechanism than was\n proposed by the initiator. \n\nCVE-2014-4344\n\n An unauthenticated or partially authenticated remote attacker can\n cause a NULL dereference and application crash during a SPNEGO\n negotiation by sending an empty token as the second or later context\n token from initiator to acceptor. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.10.1+dfsg-5+deb7u2. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+dfsg-7. ==========================================================================\nUbuntu Security Notice USN-2310-1\nAugust 11, 2014\n\nkrb5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Kerberos. This issue only affected Ubuntu\n12.04 LTS. This\nissue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected\nUbuntu 10.04 LTS and Ubuntu 12.04 LTS. \nThis issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. \n(CVE-2014-4344)\n\nTomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon\nincorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n krb5-admin-server 1.12+dfsg-2ubuntu4.2\n krb5-kdc 1.12+dfsg-2ubuntu4.2\n krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2\n krb5-otp 1.12+dfsg-2ubuntu4.2\n krb5-pkinit 1.12+dfsg-2ubuntu4.2\n krb5-user 1.12+dfsg-2ubuntu4.2\n libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2\n libgssrpc4 1.12+dfsg-2ubuntu4.2\n libk5crypto3 1.12+dfsg-2ubuntu4.2\n libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2\n libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2\n libkdb5-7 1.12+dfsg-2ubuntu4.2\n libkrad0 1.12+dfsg-2ubuntu4.2\n libkrb5-3 1.12+dfsg-2ubuntu4.2\n libkrb5support0 1.12+dfsg-2ubuntu4.2\n\nUbuntu 12.04 LTS:\n krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5\n krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5\n krb5-user 1.10+dfsg~beta1-2ubuntu0.5\n libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5\n libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5\n libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5\n\nUbuntu 10.04 LTS:\n krb5-admin-server 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13\n krb5-pkinit 1.8.1+dfsg-2ubuntu0.13\n krb5-user 1.8.1+dfsg-2ubuntu0.13\n libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13\n libgssrpc4 1.8.1+dfsg-2ubuntu0.13\n libk5crypto3 1.8.1+dfsg-2ubuntu0.13\n libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13\n libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13\n libkdb5-4 1.8.1+dfsg-2ubuntu0.13\n libkrb5-3 1.8.1+dfsg-2ubuntu0.13\n libkrb5support0 1.8.1+dfsg-2ubuntu0.13\n\nIn general, a standard system update will make all the necessary changes. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-crypt/mit-krb5 < 1.13 >= 1.13 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in MIT Kerberos 5. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.13\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-4341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4341\n[ 2 ] CVE-2014-4343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4343\n[ 3 ] CVE-2014-4345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345\n[ 4 ] CVE-2014-5351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5351\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-53.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. (CVE-2014-4341)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the libkrb5 library occasionally attempted to free\nalready freed memory when encrypting credentials. As a consequence, the\ncalling process terminated unexpectedly with a segmentation fault. \nWith this update, libkrb5 frees memory correctly, which allows the\ncredentials to be encrypted appropriately and thus prevents the mentioned\ncrash. (BZ#1004632)\n\n* Previously, when the krb5 client library was waiting for a response from\na server, the timeout variable in certain cases became a negative number. \nConsequently, the client could enter a loop while checking for responses. \nWith this update, the client logic has been modified and the described\nerror no longer occurs. After installing the\nupdated packages, the krb5kdc daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: krb5 security, bug fix and enhancement update\nAdvisory ID: RHSA-2015:0439-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html\nIssue date: 2015-03-05\nCVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 \n CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 \n CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 \n CVE-2014-9423 \n=====================================================================\n\n1. Summary:\n\nUpdated krb5 packages that fix multiple security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\nKerberos is a networked authentication system which allows clients and\nservers to authenticate to each other with the help of a trusted third\nparty, the Kerberos KDC. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nA NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO\nacceptor for continuation tokens. A remote, unauthenticated attacker could\nuse this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)\n\nA buffer overflow was found in the KADM5 administration server (kadmind)\nwhen it was used with an LDAP back end for the KDC database. A remote,\nauthenticated attacker could potentially use this flaw to execute arbitrary\ncode on the system running kadmind. (CVE-2014-4345)\n\nA use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5\nlibrary processed valid context deletion tokens. An attacker able to make\nan application using the GSS-API library (libgssapi) call the\ngss_process_context_token() function could use this flaw to crash that\napplication. (CVE-2014-5352)\n\nIf kadmind were used with an LDAP back end for the KDC database, a remote,\nauthenticated attacker with the permissions to set the password policy\ncould crash kadmind by attempting to use a named ticket policy object as a\npassword policy for a principal. (CVE-2014-5353)\n\nA double-free flaw was found in the way MIT Kerberos handled invalid\nExternal Data Representation (XDR) data. An authenticated user could use\nthis flaw to crash the MIT Kerberos administration server (kadmind), or\nother applications using Kerberos libraries, using specially crafted XDR\npackets. (CVE-2014-9421)\n\nIt was found that the MIT Kerberos administration server (kadmind)\nincorrectly accepted certain authentication requests for two-component\nserver principal names. A remote attacker able to acquire a key with a\nparticularly named principal (such as \"kad/x\") could use this flaw to\nimpersonate any user to kadmind, and perform administrative actions as that\nuser. (CVE-2014-9422)\n\nAn information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS\nimplementation (libgssrpc) handled certain requests. An attacker could send\na specially crafted request to an application using libgssrpc to disclose a\nlimited portion of uninitialized memory used by that application. \n(CVE-2014-9423)\n\nTwo buffer over-read flaws were found in the way MIT Kerberos handled\ncertain requests. A remote, unauthenticated attacker able to inject packets\ninto a client or server application's GSSAPI session could use either of\nthese flaws to crash the application. An\nattacker able to spoof packets to appear as though they are from an GSSAPI\nacceptor could use this flaw to crash a client application that uses MIT\nKerberos. (CVE-2014-4343)\n\nRed Hat would like to thank the MIT Kerberos project for reporting the\nCVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT\nKerberos project acknowledges Nico Williams for helping with the analysis\nof CVE-2014-5352. \n\nThe krb5 packages have been upgraded to upstream version 1.12, which\nprovides a number of bug fixes and enhancements, including:\n\n* Added plug-in interfaces for principal-to-username mapping and verifying\nauthorization to user accounts. \n\n* When communicating with a KDC over a connected TCP or HTTPS socket, the\nclient gives the KDC more time to reply before it transmits the request to\nanother server. (BZ#1049709, BZ#1127995)\n\nThis update also fixes multiple bugs, for example:\n\n* The Kerberos client library did not recognize certain exit statuses that\nthe resolver libraries could return when looking up the addresses of\nservers configured in the /etc/krb5.conf file or locating Kerberos servers\nusing DNS service location. The library could treat non-fatal return codes\nas fatal errors. Now, the library interprets the specific return codes\ncorrectly. (BZ#1084068, BZ#1109102)\n\nIn addition, this update adds various enhancements. Among others:\n\n* Added support for contacting KDCs and kpasswd servers through HTTPS\nproxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)\n\n4. Solution:\n\nAll krb5 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1084068 - ipv6 address handling in krb5.conf\n1102837 - Please backport improved GSSAPI mech configuration\n1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly\n1109919 - Backport https support into libkrb5\n1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext\n1118347 - ksu non-functional, gets invalid argument copying cred cache\n1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens\n1121789 - CVE-2014-4343: use-after-free crash in SPNEGO\n1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators\n1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens\n1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure\n1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)\n1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update\n1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name\n1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)\n1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)\n1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)\n1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)\n1184629 - kinit loops on principals on unknown error\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nppc64:\nkrb5-debuginfo-1.12.2-14.el7.ppc.rpm\nkrb5-debuginfo-1.12.2-14.el7.ppc64.rpm\nkrb5-devel-1.12.2-14.el7.ppc.rpm\nkrb5-devel-1.12.2-14.el7.ppc64.rpm\nkrb5-libs-1.12.2-14.el7.ppc.rpm\nkrb5-libs-1.12.2-14.el7.ppc64.rpm\nkrb5-pkinit-1.12.2-14.el7.ppc64.rpm\nkrb5-server-1.12.2-14.el7.ppc64.rpm\nkrb5-server-ldap-1.12.2-14.el7.ppc64.rpm\nkrb5-workstation-1.12.2-14.el7.ppc64.rpm\n\ns390x:\nkrb5-debuginfo-1.12.2-14.el7.s390.rpm\nkrb5-debuginfo-1.12.2-14.el7.s390x.rpm\nkrb5-devel-1.12.2-14.el7.s390.rpm\nkrb5-devel-1.12.2-14.el7.s390x.rpm\nkrb5-libs-1.12.2-14.el7.s390.rpm\nkrb5-libs-1.12.2-14.el7.s390x.rpm\nkrb5-pkinit-1.12.2-14.el7.s390x.rpm\nkrb5-server-1.12.2-14.el7.s390x.rpm\nkrb5-server-ldap-1.12.2-14.el7.s390x.rpm\nkrb5-workstation-1.12.2-14.el7.s390x.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-4341\nhttps://access.redhat.com/security/cve/CVE-2014-4342\nhttps://access.redhat.com/security/cve/CVE-2014-4343\nhttps://access.redhat.com/security/cve/CVE-2014-4344\nhttps://access.redhat.com/security/cve/CVE-2014-4345\nhttps://access.redhat.com/security/cve/CVE-2014-5352\nhttps://access.redhat.com/security/cve/CVE-2014-5353\nhttps://access.redhat.com/security/cve/CVE-2014-9421\nhttps://access.redhat.com/security/cve/CVE-2014-9422\nhttps://access.redhat.com/security/cve/CVE-2014-9423\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi\ngZD8EL2lSaLXnIQxca8zLTg=\n=aK0y\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. \n\nIt was found that if a KDC served multiple realms, certain requests could\ncause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)\n\nThese updated krb5 packages also include several bug fixes. Space precludes\ndocumenting all of these changes in this advisory. Users are directed to\nthe Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the\nReferences section, for information on the most significant of these\nchanges", sources: [ { db: "NVD", id: "CVE-2014-4341", }, { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "BID", id: "68909", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-4341", trust: 3.4, }, { db: "BID", id: "68909", trust: 1.9, }, { db: "SECUNIA", id: "59102", trust: 1.6, }, { db: "SECUNIA", id: "60448", trust: 1.6, }, { db: "SECUNIA", id: "60082", trust: 1.6, }, { db: "SECTRACK", id: "1030706", trust: 1.6, }, { db: "JVNDB", id: "JVNDB-2014-003508", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201407-512", trust: 0.6, }, { db: "PACKETSTORM", id: "127813", trust: 0.1, }, { db: "PACKETSTORM", id: "127825", trust: 0.1, }, { db: "PACKETSTORM", id: "128077", trust: 0.1, }, { db: "PACKETSTORM", id: "129774", trust: 0.1, }, { db: "PACKETSTORM", id: "128267", trust: 0.1, }, { db: "PACKETSTORM", id: "130669", trust: 0.1, }, { db: "PACKETSTORM", id: "128660", trust: 0.1, }, ], sources: [ { db: "BID", id: "68909", }, { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4341", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], }, id: "VAR-201407-0461", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.44401007833333334, }, last_update_date: "2023-12-18T11:35:24.421000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "krb5/krb5", trust: 0.8, url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { title: "RHSA-2015:0439", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { title: "Ticket #7949 Handle invalid RFC 1964 tokens [CVE-2014-4341 CVE-2014-4342]", trust: 0.8, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7949", }, { title: "Multiple Buffer Errors vulnerabilities in Kerberos", trust: 0.8, url: "https://blogs.oracle.com/sunsecurity/entry/multiple_buffer_errors_vulnerabilities_in4", }, { title: "src-lib-gssapi-krb5-k5unseal.c", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=50896", }, { title: "src-lib-gssapi-krb5-k5unsealiov.c", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=50897", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1, }, { problemtype: "CWE-119", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "NVD", id: "CVE-2014-4341", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7949", }, { trust: 1.9, url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { trust: 1.9, url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { trust: 1.7, url: "http://advisories.mageia.org/mgasa-2014-0345.html", }, { trust: 1.7, url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { trust: 1.6, url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136360.html", }, { trust: 1.6, url: "http://secunia.com/advisories/59102", }, { trust: 1.6, url: "http://secunia.com/advisories/60082", }, { trust: 1.6, url: "http://secunia.com/advisories/60448", }, { trust: 1.6, url: "http://www.debian.org/security/2014/dsa-3000", }, { trust: 1.6, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2014:165", }, { trust: 1.6, url: "http://www.securityfocus.com/bid/68909", }, { trust: 1.6, url: "http://www.securitytracker.com/id/1030706", }, { trust: 1.6, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94904", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4341", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4341", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4341", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4345", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4344", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4343", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4342", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/101001206", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/101004185", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020664", }, { trust: 0.3, url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15552.html?ref=rss", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1418", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2013-6800", }, { trust: 0.3, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2013-6800.html", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2013-1418.html", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/#package", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2014-4341.html", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2014-4344.html", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.13", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu4.2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1416", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2012-1016", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1415", }, { trust: 0.1, url: "http://www.ubuntu.com/usn/usn-2310-1", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4344", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4345", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/advisories/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4342", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4343", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-5351", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4345", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4341", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5351", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1245.html", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4342", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4343", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9423", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4341", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4345", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9423", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9422", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4344", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4345.html", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1389.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4343.html", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.6_technical_notes/krb5.html#rhsa-2014-1389", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4342.html", }, ], sources: [ { db: "BID", id: "68909", }, { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4341", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "BID", id: "68909", }, { db: "JVNDB", id: "JVNDB-2014-003508", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4341", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-06-26T00:00:00", db: "BID", id: "68909", }, { date: "2014-07-23T00:00:00", db: "JVNDB", id: "JVNDB-2014-003508", }, { date: "2014-08-11T13:33:00", db: "PACKETSTORM", id: "127813", }, { date: "2014-08-11T18:24:00", db: "PACKETSTORM", id: "127825", }, { date: "2014-09-02T20:17:38", db: "PACKETSTORM", id: "128077", }, { date: "2014-12-31T12:12:00", db: "PACKETSTORM", id: "129774", }, { date: "2014-09-16T14:08:26", db: "PACKETSTORM", id: "128267", }, { date: "2015-03-05T21:51:51", db: "PACKETSTORM", id: "130669", }, { date: "2014-10-14T23:04:48", db: "PACKETSTORM", id: "128660", }, { date: "2014-07-20T11:12:50.823000", db: "NVD", id: "CVE-2014-4341", }, { date: "2014-07-23T00:00:00", db: "CNNVD", id: "CNNVD-201407-512", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-05-07T17:32:00", db: "BID", id: "68909", }, { date: "2015-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2014-003508", }, { date: "2021-02-02T19:00:48.647000", db: "NVD", id: "CVE-2014-4341", }, { date: "2021-02-03T00:00:00", db: "CNNVD", id: "CNNVD-201407-512", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201407-512", }, ], trust: 1.1, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 Service disruption in (DoS) Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2014-003508", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201407-512", }, ], trust: 0.6, }, }
var-200505-0162
Vulnerability from variot
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The gzip program contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Included with many products telnet Clients env_opt_add() There is a vulnerability that causes a buffer overflow when certain input data including escape characters is processed due to improper bounds checking in the function.Configured by a third party telnet Guided or crafted the target user to log in to the server Web By displaying the page, arbitrary code may be executed with the user's authority. Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'env_opt_add()' function in the 'telnet.c' source file, which is apparently common source for all the affected vendors.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21996
VERIFY ADVISORY: http://secunia.com/advisories/21996/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Tavis Ormandy has reported some vulnerabilities in gzip, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can be used to modify certain stack data. tricking a user or automated system into unpacking a specially crafted archive file. tricking a user or automated system into unpacking a specially crafted "pack" archive file.
3) A buffer overflow within the "make_table()" function of gzip's LZH support can be exploited to cause a DoS and potentially to compromise a vulnerable system by e.g. tricking a user or automated system into unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and an infinite loop within the LZH handling can be exploited to cause a DoS by e.g. tricking a user or automated system into unpacking a specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5. Other versions may also be affected.
SOLUTION: Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES: US-CERT VU#554780: http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508: http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548: http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712: http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848 http://www.kb.cert.org/vuls/id/596848
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. BACKGROUND
The TELNET protocol allows virtual network terminals to be connected to over the internet. The initial description of the telnet protocol was given in RFC854 in May 1983. Since then there have been many extra features added including encryption.
II.
The vulnerability specifically exists in the env_opt_add() function of telnet.c. A buffer of a fixed size (256 bytes) is allocated to store the result of the processing this function performs on network input. If this buffer is not large enough to contain the string, the buffer is expanded by a further 256 bytes. This size is sufficient for most well formed input, as the buffer passed as input to the affected function is limited to the same size. However, due to the way the telnet protocol escapes certain characters, it is possible to increase the length of the output by including a large run of characters which need escaping. This can allow the 256 byte input buffer to expand to a maximum of 512 bytes in the allocated storage buffer. If, after expanding the buffer by 256 bytes, the buffer is still not large enough to contain the input, a heap based buffer overflow occurs, which is exploitable on at least some affected platforms.
III. It may be possible to automatically launch the telnet command from a webpage, for example:
On opening this page the telnet client may be launched and attempt to connect to the host 'malicious.server'. IV. DETECTION iDEFENSE has confirmed the existance of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability. V. WORKAROUND iDEFENSE is currently unaware of any effective workarounds for this vulnerability. VI. VENDOR RESPONSE The following vendors have provided official responses related to this vulnerability. Other vendors may be affected but have not provided an official response. Vulnerable: - ALT Linux All supported ALT Linux distributions include telnet client derived from OpenBSD 3.0. The env_opt_add() buffer overflow vulnerability is present in all our telnet clients. Updated packages with fixes for these issues will be released on March 28, 2005. http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html - Apple Computer, Inc. Component: Telnet Available for: Mac OS X 10.3.8, Mac OS X Server 10.3.8 This is fixed in Security Update 2005-003, which is available at http://docs.info.apple.com/article.html?artnum=61798 - FreeBSD FreeBSD-SA-05:01.telnet security advisory: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc - MIT (Kerberos) This vulnerability is covered in the following upcoming advisory: MITKRB5-SA-2005-001: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt patch against krb5-1.4: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt - Openwall Project The bugs are fixed starting with telnet package version 3.0-owl2. http://www.openwall.com/Owl/CHANGES-current.shtml - Red Hat, Inc. Red Hat Enterprise Linux ship with telnet and krb5 packages vulnerable to this issue. New telnet and krb5 packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Red Hat Enterprise Linux - telnet http://rhn.redhat.com/errata/RHSA-2005-330.html Red Hat Enterprise Linux - krb5 http://rhn.redhat.com/errata/RHSA-2005-327.html - Sun Microsystems Inc. Sun confirms that the telnet(1) vulnerabilities do affect all currently supported versions of Solaris: Solaris 7, 8, 9 and 10 Sun has released a Sun Alert which describes a workaround until patches are available at: http://sunsolve.sun.com Sun Alert #57755 The Sun Alert will be updated with the patch information once it becomes available. Sun patches are available from: http://sunsolve.sun.com/securitypatch Not Vulnerable: - CyberSafe Limited The CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. - Hewlett-Packard Development Company, L.P. HP-UX and HP Tru64 UNIX are not vulnerable. - InterSoft International, Inc. InterSoft International, Inc. products NetTerm, SecureNetTerm and SNetTerm are not affected by the env_opt_add() buffer overflow conditions. VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-0468 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 02/18/2005 Initial vendor notifications 03/28/2005 Coordinated public disclosure IX. CREDIT Ga\xebl Delalleau credited with this discovery. Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp Free tools, research and upcoming events http://labs.idefense.com X. LEGAL NOTICES Copyright \xa9 2005 iDEFENSE, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. Workaround ========== There is no known workaround at this time. Resolution ========== All telnet-bsd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/telnet-bsd-1.0-r1" References ========== [ 1 ] CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 [ 2 ] IDEF0867 http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities [ 3 ] CAN-2005-0469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 [ 4 ] IDEF0866 http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200504-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues Advisory number: SCOSA-2005.21 Issue date: 2005 April 08 Cross reference: sr893210 fz531446 erg712801 CAN-2005-0469 CAN-2005-0468 ______________________________________________________________________________ 1. UnixWare 7.1.4 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 4.2 Verification MD5 (erg712801.714.pkg.Z) = bf53673ea12a1c25e3606a5b879adbc4 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.714.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.714.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.714.pkg 5. UnixWare 7.1.3 5.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 5.2 Verification MD5 (erg712801.713.pkg.Z) = e876b261afbecb41c18c26d6ec11e71d md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.713.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.713.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.713.pkg 6. UnixWare 7.1.1 6.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 6.2 Verification MD5 (erg712801.711.pkg.Z) = f3099416a793c1f731bc7e377fe0e4a2 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 6.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.711.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.711.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.711.pkg 7. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents sr893210 fz531446 erg712801. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. Additional user interaction may not be required if the attacker can get the user to view HTML containing an IFRAME tag containing a "telnet:" URL pointing to a malicious server. FIXES ===== * WORKAROUND: Disable handling of "telnet:" URLs in web browsers, email readers, etc., or remove execute permissions from the telnet client program. * The upcoming krb5-1.4.1 patch release will contain fixes for this problem. * Apply the patch found at: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt The associated detached PGP signature is at: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt.asc The patch was generated against the krb5-1.4 release. It may apply against earlier releases with some offset. DETAILS ======= The slc_add_reply() function in telnet.c performs inadequate length checking. The env_opt_add() function in telnet.c performs inadequate length checking. For the stable distribution (woody) these problems have been fixed in version 1.2.4-5woody8. For the unstable distribution (sid) these problems have been fixed in version 1.3.6-1. We recommend that you upgrade your krb5 package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167 Architecture independent components: http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4 Alpha architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354 ARM architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d Intel IA-32 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af HP Precision architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81 PowerPC architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66 IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9 Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424 These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-333A Apple Releases Security Update to Address Multiple Vulnerabilities Original release date: November 29, 2006 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X version 10.3.x and 10.4.x * Apple Mac OS X Server version 10.3.x and 10.4.x * Apple Safari web browser These vulnerabilities affect both Intel-based and PowerPC-based Apple systems. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. I. Further details are available in the related vulnerability notes. This security update also addresses previously known vulnerabilities in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. The OpenSSL vulnerabilities are documented in multiple vulnerability notes. Information is also available through the OpenSSL vulnerabilities page. Information about the vulnerabilities in gzip is available in a series of vulnerability notes. Impact The impacts of these vulnerabilities vary. For specific details, see the appropriate vulnerability notes. Solution Install updates Install Apple Security Update 2006-007. References * Vulnerability Notes for Apple Security Update 2006-007 - * Vulnerability Notes for OpenSSL Security Advisory [28th September 2006] - * Vulnerability Note VU#845620 - * Vulnerability Note VU#933712 - * Vulnerability Note VU#381508 - * Vulnerability Note VU#554780 - * Vulnerability Note VU#596848 - * Vulnerability Note VU#773548 - * About the security content of Security Update 2006-007 - * Mac OS X: Updating your software - * Apple Downloads - * OpenSSL: OpenSSL vulnerabilities - * Securing Your Web Browser - _________________________________________________________________ The most recent version of this document can be found at: _________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA06-333A Feedback VU#191336" in the subject. _________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: _________________________________________________________________ Revision History November 29, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6 lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7 xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf 8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg== =f7N+ -----END PGP SIGNATURE----- Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200505-0162", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: null, trust: 3.2, vendor: "freebsd", version: null, }, { model: null, scope: null, trust: 3.2, vendor: "red hat", version: null, }, { model: null, scope: null, trust: 2.4, vendor: "debian gnu linux", version: null, }, { model: null, scope: null, trust: 2.4, vendor: "f5", version: null, }, { model: null, scope: null, trust: 2.4, vendor: "slackware linux", version: null, }, { model: null, scope: null, trust: 2.4, vendor: "ubuntu", version: null, }, { model: null, scope: null, trust: 2.4, vendor: "apple computer", version: null, }, { model: null, scope: null, trust: 2.4, vendor: "openwall gnu linux", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "openpkg", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "openssl", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "oracle", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "suse linux", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "rpath", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "gentoo linux", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "sun microsystems", version: null, }, { model: "telnet", scope: "eq", trust: 1.6, vendor: "ncsa", version: "c", }, { model: null, scope: null, trust: 0.8, vendor: "trustix secure linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "appgate network security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "attachmatewrq", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "avaya", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "blue coat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gnutls", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "iaik java group", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ibm", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "internet consortium", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "intoto", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mandriva", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mozilla", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "opera", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "rsa security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ssh security corp", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sybase", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "vmware", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "vandyke", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "conectiva", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "heimdal", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mandrakesoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sco unix", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sgi", version: null, }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "5 (krb5-1.4.1 )", }, { model: "seil/neu", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "ver. 2.x firmware version 2.10(jamming) ~ 2.27(ridge)", }, { model: "seil/plus", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "firmware version 1.00(snappy) ~ 1.51(swisssingle)", }, { model: "seil/turbo", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "firmware version 1.10(aberdeen) ~ 1.51(riodell)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.0", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.1", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3.0", }, { model: "seam", scope: "lte", trust: 0.8, vendor: "sun microsystems", version: "1.0.2", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (x86)", }, { model: "turbolinux", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "10_f", }, { model: "turbolinux appliance server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "1.0 (hosting)", }, { model: "turbolinux appliance server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "1.0 (workgroup)", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "10", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "8", }, { model: "home", scope: null, trust: 0.8, vendor: "turbo linux", version: null, }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (ws)", }, { model: "irix", scope: "eq", trust: 0.6, vendor: "sgi", version: "4.0.5", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.20", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.14", }, { model: "alpha", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.0", }, { model: "openbsd", scope: "eq", trust: 0.3, vendor: "openbsd", version: "3.5", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.16", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "mn100", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "s8500 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.4", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "irix .19m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6.2", }, { model: "irix e", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.18", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "openbsd", scope: "eq", trust: 0.3, vendor: "openbsd", version: "3.6", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1x86", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "linux enterprise server for s/390", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "9.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "linux i686", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.9", }, { model: "linux", scope: "ne", trust: 0.3, vendor: "slackware", version: "10.1", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6.3", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.4", }, { model: "-release/alpha", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.14", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "-release-p20", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.17", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.27", }, { model: "-release-p14", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.0", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "linux mipsel", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix t", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.16", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.3", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.20", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "linux -current", scope: "ne", trust: 0.3, vendor: "slackware", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "9", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.17", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.3", }, { model: "-stablepre122300", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.23", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "5.04", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2.1", }, { model: "linux", scope: "ne", trust: 0.3, vendor: "slackware", version: "10.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.12", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.20", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0.x", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3.2", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "advanced workstation for the itanium processor", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.18", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.03", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.0", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.11", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "secure linux", scope: "eq", trust: 0.3, vendor: "trustix", version: "2.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "8.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.25", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "-stablepre2002-03-07", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "7", }, { model: "intuity lx", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.14", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "2.0", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.17.17", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "2.0.2", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.18", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "alpha", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "cvlan", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.1", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.14", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "5.04", }, { model: "fedora core1", scope: null, trust: 0.3, vendor: "redhat", version: null, }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.15", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix g", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "-release-p5", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "5.04", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.1", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "-stablepre050201", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.0", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.21", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "linux alt linux compact", scope: "eq", trust: 0.3, vendor: "alt", version: "2.3", }, { model: "converged communications server", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.1", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.10", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.1", }, { model: "s8500 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "s8700 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "irix xfs", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.3", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.10", }, { model: "linux alt linux junior", scope: "eq", trust: 0.3, vendor: "alt", version: "2.3", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "9.0", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.17", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "irix a", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "gnu/*/linux", scope: "eq", trust: 0.3, vendor: "openwall", version: "1.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.21", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.2", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "irix d", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "-release-p7", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "-release-p32", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.22", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "secure linux", scope: "eq", trust: 0.3, vendor: "trustix", version: "2.2", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "gnu/*/linux -current", scope: null, trust: 0.3, vendor: "openwall", version: null, }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "10.1", }, { model: "linux", scope: "ne", trust: 0.3, vendor: "slackware", version: "9.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.24", }, { model: "s8300 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.15", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "2.0.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.4", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.1.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "-release-p38", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "gnu/*/linux", scope: "eq", trust: 0.3, vendor: "openwall", version: "1.1", }, { model: "s8710 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "heimdal", scope: "ne", trust: 0.3, vendor: "heimdal", version: "0.6.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.10", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux", scope: "ne", trust: 0.3, vendor: "slackware", version: "9.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.15", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.3", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "irix .19f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "8.2", }, { model: "irix t", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.16", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.0", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "10.0", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.6", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "redhat", version: "9.0", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.22", }, { model: "linux m68k", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.4", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.23", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "linux hppa", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.3", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "irix h", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "irix b", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.4", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.26", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "s8710 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.2", }, { model: "modular messaging s3400", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.24", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0", }, { model: "linux -current", scope: null, trust: 0.3, vendor: "slackware", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "propack", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.0", }, { model: "irix ipr", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "linux", scope: "ne", trust: 0.3, vendor: "slackware", version: "8.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux desktop", scope: "eq", trust: 0.3, vendor: "suse", version: "1.0", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.9", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "advanced workstation for the itanium processor ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "irix xfs", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.0.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.0.1", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "-release-p17", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "secure enterprise linux", scope: "eq", trust: 0.3, vendor: "trustix", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "s8300 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.0.1", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.520", }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.0", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.15", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.21", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "s8700 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.9", }, { model: "netbsd", scope: "ne", trust: 0.3, vendor: "netbsd", version: "2.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.16", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.9", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.17", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "-release-p42", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, ], sources: [ { db: "CERT/CC", id: "VU#386964", }, { db: "CERT/CC", id: "VU#773548", }, { db: "CERT/CC", id: "VU#845620", }, { db: "CERT/CC", id: "VU#341908", }, { db: "BID", id: "12919", }, { db: "JVNDB", id: "JVNDB-2005-000202", }, { db: "CNNVD", id: "CNNVD-200505-503", }, { db: "NVD", id: "CVE-2005-0468", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:ncsa:telnet:c:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2005-0468", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Gael DelalleauiDEFENSE Labs labs@idefense.com", sources: [ { db: "CNNVD", id: "CNNVD-200505-503", }, ], trust: 0.6, }, cve: "CVE-2005-0468", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2005-0468", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2005-0468", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#386964", trust: 0.8, value: "0.32", }, { author: "CARNEGIE MELLON", id: "VU#773548", trust: 0.8, value: "1.57", }, { author: "CARNEGIE MELLON", id: "VU#845620", trust: 0.8, value: "7.56", }, { author: "CARNEGIE MELLON", id: "VU#341908", trust: 0.8, value: "29.95", }, { author: "CNNVD", id: "CNNVD-200505-503", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#386964", }, { db: "CERT/CC", id: "VU#773548", }, { db: "CERT/CC", id: "VU#845620", }, { db: "CERT/CC", id: "VU#341908", }, { db: "JVNDB", id: "JVNDB-2005-000202", }, { db: "CNNVD", id: "CNNVD-200505-503", }, { db: "NVD", id: "CVE-2005-0468", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The gzip program contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Included with many products telnet Clients env_opt_add() There is a vulnerability that causes a buffer overflow when certain input data including escape characters is processed due to improper bounds checking in the function.Configured by a third party telnet Guided or crafted the target user to log in to the server Web By displaying the page, arbitrary code may be executed with the user's authority. Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'env_opt_add()' function in the 'telnet.c' source file, which is apparently common source for all the affected vendors. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21996\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21996/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n>From remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nTavis Ormandy has reported some vulnerabilities in gzip, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially compromise a vulnerable system. \n\n1) A boundary error within the \"make_table()\" function in unlzh.c can\nbe used to modify certain stack data. tricking\na user or automated system into unpacking a specially crafted archive\nfile. tricking a user or\nautomated system into unpacking a specially crafted \"pack\" archive\nfile. \n\n3) A buffer overflow within the \"make_table()\" function of gzip's LZH\nsupport can be exploited to cause a DoS and potentially to compromise\na vulnerable system by e.g. tricking a user or automated system into\nunpacking an archive containing a specially crafted decoding table. \n\n4) A NULL pointer dereference within the \"huft_build()\" function and\nan infinite loop within the LZH handling can be exploited to cause a\nDoS by e.g. tricking a user or automated system into unpacking a\nspecially crafted archive file. \n\nThe vulnerabilities have been reported in version 1.3.5. Other\nversions may also be affected. \n\nSOLUTION:\nDo not unpack untrusted archive files. \n\nPROVIDED AND/OR DISCOVERED BY:\nTavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676\n\nOTHER REFERENCES:\nUS-CERT VU#554780:\nhttp://www.kb.cert.org/vuls/id/554780\n\nUS-CERT VU#381508:\nhttp://www.kb.cert.org/vuls/id/381508\n\nUS-CERT VU#773548:\nhttp://www.kb.cert.org/vuls/id/773548\n\nUS-CERT VU#933712:\nhttp://www.kb.cert.org/vuls/id/933712\n\nUS-CERT VU#596848\nhttp://www.kb.cert.org/vuls/id/596848\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. BACKGROUND\n\nThe TELNET protocol allows virtual network terminals to be connected to \nover the internet. The initial description of the telnet protocol was \ngiven in RFC854 in May 1983. Since then there have been many extra \nfeatures added including encryption. \n\nII. \n\nThe vulnerability specifically exists in the env_opt_add() function of\ntelnet.c. A buffer of a fixed size (256 bytes) is allocated to store the\nresult of the processing this function performs on network input. If\nthis buffer is not large enough to contain the string, the buffer is \nexpanded by a further 256 bytes. This size is sufficient for most well \nformed input, as the buffer passed as input to the affected function is \nlimited to the same size. However, due to the way the telnet protocol \nescapes certain characters, it is possible to increase the length of the\noutput by including a large run of characters which need escaping. This \ncan allow the 256 byte input buffer to expand to a maximum of 512 bytes \nin the allocated storage buffer. If, after expanding the buffer by 256 \nbytes, the buffer is still not large enough to contain the input, a heap\nbased buffer overflow occurs, which is exploitable on at least some \naffected platforms. \n\nIII. It may be \npossible to automatically launch the telnet command from a webpage, for \nexample:\n\n<html><body>\n<iframe src='telnet://malicious.server/'>\n</body>\n\nOn opening this page the telnet client may be launched and attempt to \nconnect to the host 'malicious.server'. \n\nIV. DETECTION\n\niDEFENSE has confirmed the existance of the vulnerability in the telnet \nclient included in the Kerberos V5 Release 1.3.6 package and the client \nincluded in the SUNWtnetc package of Solaris 5.9. It is suspected that \nmost BSD based telnet clients are affected by this vulnerability. \n\nV. WORKAROUND\n\niDEFENSE is currently unaware of any effective workarounds for this \nvulnerability. \n\nVI. VENDOR RESPONSE\n\nThe following vendors have provided official responses related to this\nvulnerability. Other vendors may be affected but have not provided an\nofficial response. \n\nVulnerable:\n\n- ALT Linux\nAll supported ALT Linux distributions include telnet client derived from\nOpenBSD 3.0. The env_opt_add() buffer overflow vulnerability is present\nin all our telnet clients. Updated packages with fixes for these issues\nwill be released on March 28, 2005. \nhttp://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html\n\n- Apple Computer, Inc. \nComponent: Telnet\nAvailable for: Mac OS X 10.3.8, Mac OS X Server 10.3.8\nThis is fixed in Security Update 2005-003, which is available at\nhttp://docs.info.apple.com/article.html?artnum=61798\n\n- FreeBSD\nFreeBSD-SA-05:01.telnet security advisory:\nftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc\n\n- MIT (Kerberos)\nThis vulnerability is covered in the following upcoming advisory:\nMITKRB5-SA-2005-001:\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt\npatch against krb5-1.4:\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\n\n- Openwall Project\nThe bugs are fixed starting with telnet package version 3.0-owl2. \n http://www.openwall.com/Owl/CHANGES-current.shtml\n\n- Red Hat, Inc. \nRed Hat Enterprise Linux ship with telnet and krb5 packages vulnerable\nto this issue. New telnet and krb5 packages are now available along\nwith our advisory at the URLs below and by using the Red Hat Network\n'up2date' tool. \n Red Hat Enterprise Linux - telnet\n http://rhn.redhat.com/errata/RHSA-2005-330.html\n Red Hat Enterprise Linux - krb5\n http://rhn.redhat.com/errata/RHSA-2005-327.html\n\n- Sun Microsystems Inc. \nSun confirms that the telnet(1) vulnerabilities do affect all\ncurrently supported versions of Solaris:\n Solaris 7, 8, 9 and 10\nSun has released a Sun Alert which describes a workaround until patches\nare available at:\n http://sunsolve.sun.com\n Sun Alert #57755 \nThe Sun Alert will be updated with the patch information once it becomes\navailable. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch\n\nNot Vulnerable:\n\n- CyberSafe Limited\nThe CyberSafe TrustBroker products, version 3.0 or later, are not\nvulnerable. \n\n- Hewlett-Packard Development Company, L.P. \nHP-UX and HP Tru64 UNIX are not vulnerable. \n\n- InterSoft International, Inc. \nInterSoft International, Inc. products NetTerm, SecureNetTerm and\nSNetTerm are not affected by the env_opt_add() buffer overflow\nconditions. \n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CAN-2005-0468 to this issue. This is a candidate for inclusion\nin the CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n02/18/2005 Initial vendor notifications\n03/28/2005 Coordinated public disclosure\n\nIX. CREDIT\n\nGa\\xebl Delalleau credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll telnet-bsd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/telnet-bsd-1.0-r1\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0468\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468\n [ 2 ] IDEF0867\n\nhttp://www.idefense.com/application/poi/display?id=221&type=vulnerabilities\n [ 3 ] CAN-2005-0469\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n [ 4 ] IDEF0866\n\nhttp://www.idefense.com/application/poi/display?id=220&type=vulnerabilities\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200504-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n______________________________________________________________________________\n\n\t\t\tSCO Security Advisory\n\nSubject:\t\tUnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues\nAdvisory number: \tSCOSA-2005.21\nIssue date: \t\t2005 April 08\nCross reference:\tsr893210 fz531446 erg712801 CAN-2005-0469 CAN-2005-0468\n______________________________________________________________________________\n\n\n1. UnixWare 7.1.4\n\n\t4.1 Location of Fixed Binaries\n\n\tftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21\n\n\t4.2 Verification\n\n\tMD5 (erg712801.714.pkg.Z) = bf53673ea12a1c25e3606a5b879adbc4\n\n\tmd5 is available for download from\n\t\tftp://ftp.sco.com/pub/security/tools\n\n\t4.3 Installing Fixed Binaries\n\n\tUpgrade the affected binaries with the following sequence:\n\n\tDownload erg712801.714.pkg.Z to the /var/spool/pkg directory\n\n\t# uncompress /var/spool/pkg/erg712801.714.pkg.Z\n\t# pkgadd -d /var/spool/pkg/erg712801.714.pkg\n\n\n5. UnixWare 7.1.3\n\n\t5.1 Location of Fixed Binaries\n\n\tftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21\n\n\t5.2 Verification\n\n\tMD5 (erg712801.713.pkg.Z) = e876b261afbecb41c18c26d6ec11e71d\n\n\tmd5 is available for download from\n\t\tftp://ftp.sco.com/pub/security/tools\n\n\t5.3 Installing Fixed Binaries\n\n\tUpgrade the affected binaries with the following sequence:\n\n\tDownload erg712801.713.pkg.Z to the /var/spool/pkg directory\n\n\t# uncompress /var/spool/pkg/erg712801.713.pkg.Z\n\t# pkgadd -d /var/spool/pkg/erg712801.713.pkg\n\n\n6. UnixWare 7.1.1\n\n\t6.1 Location of Fixed Binaries\n\n\tftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21\n\n\t6.2 Verification\n\n\tMD5 (erg712801.711.pkg.Z) = f3099416a793c1f731bc7e377fe0e4a2\n\n\tmd5 is available for download from\n\t\tftp://ftp.sco.com/pub/security/tools\n\n\t6.3 Installing Fixed Binaries\n\n\tUpgrade the affected binaries with the following sequence:\n\n\tDownload erg712801.711.pkg.Z to the /var/spool/pkg directory\n\n\t# uncompress /var/spool/pkg/erg712801.711.pkg.Z\n\t# pkgadd -d /var/spool/pkg/erg712801.711.pkg\n\n\n7. References\n\n\tSpecific references for this advisory:\n\t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 \n\t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 \n\t\thttp://www.idefense.com/application/poi/display?id=221&type=vulnerabilities \n\t\thttp://www.idefense.com/application/poi/display?id=220&type=vulnerabilities\n\n\tSCO security resources:\n\t\thttp://www.sco.com/support/security/index.html\n\n\tSCO security advisories via email\n\t\thttp://www.sco.com/support/forums/security.html\n\n\tThis security fix closes SCO incidents sr893210 fz531446\n\terg712801. Disclaimer\n\n\tSCO is not responsible for the misuse of any of the information\n\twe provide on this website and/or through our security\n\tadvisories. Our advisories are a service to our customers\n\tintended to promote secure installation and use of SCO\n\tproducts. Additional user interaction may not be required if the\nattacker can get the user to view HTML containing an IFRAME tag\ncontaining a \"telnet:\" URL pointing to a malicious server. \n\nFIXES\n=====\n\n* WORKAROUND: Disable handling of \"telnet:\" URLs in web browsers,\n email readers, etc., or remove execute permissions from the telnet\n client program. \n\n* The upcoming krb5-1.4.1 patch release will contain fixes for this\n problem. \n\n* Apply the patch found at:\n\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\n\n The associated detached PGP signature is at:\n\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt.asc\n\n The patch was generated against the krb5-1.4 release. It may apply\n against earlier releases with some offset. \n\nDETAILS\n=======\n\nThe slc_add_reply() function in telnet.c performs inadequate length\nchecking. \n\nThe env_opt_add() function in telnet.c performs inadequate length\nchecking. \n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody8. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.6-1. \n\nWe recommend that you upgrade your krb5 package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc\n Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz\n Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz\n Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb\n Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-333A\n\n\nApple Releases Security Update to Address Multiple Vulnerabilities\n\n Original release date: November 29, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Apple Mac OS X version 10.3.x and 10.4.x\n * Apple Mac OS X Server version 10.3.x and 10.4.x\n * Apple Safari web browser\n\n These vulnerabilities affect both Intel-based and PowerPC-based Apple\n systems. Vulnerabilities in OpenSSL, gzip, and other products are also\n addressed. \n\n\nI. Further details are available in the related vulnerability\n notes. \n\n This security update also addresses previously known vulnerabilities\n in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. The\n OpenSSL vulnerabilities are documented in multiple vulnerability\n notes. Information is also available through the OpenSSL\n vulnerabilities page. Information about the vulnerabilities in gzip is\n available in a series of vulnerability notes. Impact\n\n The impacts of these vulnerabilities vary. For specific details, see\n the appropriate vulnerability notes. Solution\n\nInstall updates\n\n Install Apple Security Update 2006-007. References\n\n * Vulnerability Notes for Apple Security Update 2006-007 -\n <http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>\n\n * Vulnerability Notes for OpenSSL Security Advisory [28th September\n 2006] -\n<http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928>\n\n * Vulnerability Note VU#845620 -\n <http://www.kb.cert.org/vuls/id/845620>\n\n * Vulnerability Note VU#933712 -\n <http://www.kb.cert.org/vuls/id/933712>\n\n * Vulnerability Note VU#381508 -\n <http://www.kb.cert.org/vuls/id/381508>\n\n * Vulnerability Note VU#554780 -\n <http://www.kb.cert.org/vuls/id/554780>\n\n * Vulnerability Note VU#596848 -\n <http://www.kb.cert.org/vuls/id/596848>\n\n * Vulnerability Note VU#773548 -\n <http://www.kb.cert.org/vuls/id/773548>\n\n * About the security content of Security Update 2006-007 -\n <http://docs.info.apple.com/article.html?artnum=304829>\n\n * Mac OS X: Updating your software -\n <http://docs.info.apple.com/article.html?artnum=106704>\n\n * Apple Downloads - <http://www.apple.com/support/downloads/>\n\n * OpenSSL: OpenSSL vulnerabilities -\n <http://www.openssl.org/news/vulnerabilities.html>\n\n * Securing Your Web Browser -\n <http://www.us-cert.gov/reading_room/securing_browser/#Safari>\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n <http://www.us-cert.gov/cas/techalerts/TA06-333A.html>\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to <cert@cert.org> with \"TA06-333A Feedback VU#191336\" in the\n subject. \n _________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n <http://www.us-cert.gov/legal.html>\n\n _________________________________________________________________\n\n Revision History\n\n November 29, 2006: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6\nlJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz\niN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7\nxr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf\n8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q\nA580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==\n=f7N+\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2005-0468", }, { db: "CERT/CC", id: "VU#386964", }, { db: "CERT/CC", id: "VU#773548", }, { db: "CERT/CC", id: "VU#845620", }, { db: "CERT/CC", id: "VU#341908", }, { db: "JVNDB", id: "JVNDB-2005-000202", }, { db: "BID", id: "12919", }, { db: "PACKETSTORM", id: "50178", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36841", }, { db: "PACKETSTORM", id: "36938", }, { db: "PACKETSTORM", id: "37029", }, { db: "PACKETSTORM", id: "37094", }, { db: "PACKETSTORM", id: "36854", }, { db: "PACKETSTORM", id: "36947", }, { db: "PACKETSTORM", id: "52708", }, ], trust: 5.58, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2005-0468", trust: 3.4, }, { db: "SECUNIA", id: "14745", trust: 3.2, }, { db: "CERT/CC", id: "VU#341908", trust: 3.2, }, { db: "BID", id: "12919", trust: 2.7, }, { db: "BID", id: "22083", trust: 1.6, }, { db: "SECUNIA", id: "17899", trust: 1.6, }, { db: "CERT/CC", id: "VU#773548", trust: 1, }, { db: "CERT/CC", id: "VU#845620", trust: 0.9, }, { db: "SECUNIA", id: "23280", trust: 0.8, }, { db: "SECUNIA", id: "23309", trust: 0.8, }, { db: "BID", id: "20246", trust: 0.8, }, { db: "CERT/CC", id: "VU#386964", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2007.0014", trust: 0.8, }, { db: "SECUNIA", id: "21709", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2005.0419", trust: 0.8, }, { db: "SECUNIA", id: "15030", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2005-000202", trust: 0.8, }, { db: "FREEBSD", id: "FREEBSD-SA-05:01.TELNET", trust: 0.6, }, { db: "DEBIAN", id: "DSA-703", trust: 0.6, }, { db: "DEBIAN", id: "DSA-731", trust: 0.6, }, { db: "SUNALERT", id: "101665", trust: 0.6, }, { db: "SUNALERT", id: "57761", trust: 0.6, }, { db: "SUNALERT", id: "101671", trust: 0.6, }, { db: "SUNALERT", id: "57755", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2005:330", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2005:327", trust: 0.6, }, { db: "UBUNTU", id: "USN-224-1", trust: 0.6, }, { db: "IDEFENSE", id: "20050328 MULTIPLE TELNET CLIENT ENV_OPT_ADD() BUFFER OVERFLOW VULNERABILITY", trust: 0.6, }, { db: "MANDRAKE", id: "MDKSA-2005:061", trust: 0.6, }, { db: "CONECTIVA", id: "CLA-2005:962", trust: 0.6, }, { db: "SGI", id: "20050405-01-P", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200505-503", trust: 0.6, }, { db: "CERT/CC", id: "VU#554780", trust: 0.2, }, { db: "CERT/CC", id: "VU#933712", trust: 0.2, }, { db: "CERT/CC", id: "VU#596848", trust: 0.2, }, { db: "CERT/CC", id: "VU#381508", trust: 0.2, }, { db: "SECUNIA", id: "21996", trust: 0.2, }, { db: "PACKETSTORM", id: "50178", trust: 0.1, }, { db: "PACKETSTORM", id: "38276", trust: 0.1, }, { db: "PACKETSTORM", id: "36841", trust: 0.1, }, { db: "PACKETSTORM", id: "36938", trust: 0.1, }, { db: "PACKETSTORM", id: "37029", trust: 0.1, }, { db: "PACKETSTORM", id: "37094", trust: 0.1, }, { db: "PACKETSTORM", id: "36854", trust: 0.1, }, { db: "PACKETSTORM", id: "36947", trust: 0.1, }, { db: "USCERT", id: "TA06-333A", trust: 0.1, }, { db: "PACKETSTORM", id: "52708", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#386964", }, { db: "CERT/CC", id: "VU#773548", }, { db: "CERT/CC", id: "VU#845620", }, { db: "CERT/CC", id: "VU#341908", }, { db: "BID", id: "12919", }, { db: "JVNDB", id: "JVNDB-2005-000202", }, { db: "PACKETSTORM", id: "50178", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36841", }, { db: "PACKETSTORM", id: "36938", }, { db: "PACKETSTORM", id: "37029", }, { db: "PACKETSTORM", id: "37094", }, { db: "PACKETSTORM", id: "36854", }, { db: "PACKETSTORM", id: "36947", }, { db: "PACKETSTORM", id: "52708", }, { db: "CNNVD", id: "CNNVD-200505-503", }, { db: "NVD", id: "CVE-2005-0468", }, ], }, id: "VAR-200505-0162", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4615448, }, last_update_date: "2024-07-23T22:09:05.800000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "telnet", trust: 0.8, url: "http://www.miraclelinux.com/support/update/data/telnet.html", }, { title: "MITKRB5-SA-2005-001", trust: 0.8, url: "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt", }, { title: "RHSA-2005:327", trust: 0.8, url: "http://rhn.redhat.com/errata/rhsa-2005-327.html", }, { title: "RHSA-2005:330", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2005-330.html", }, { title: "Telnet ソフトウェアの脆弱性による SEIL シリーズへの影響について", trust: 0.8, url: "http://www.seil.jp/seilseries/news/snote/_snote_20050810_01.html", }, { title: "57761", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1", }, { title: "57755", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1", }, { title: "57761", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-3", }, { title: "57755", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-3", }, { title: "TLSA-2005-52", trust: 0.8, url: "http://www.turbolinux.com/security/2005/tlsa-2005-52.txt", }, { title: "RHSA-2005:327", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-327j.html", }, { title: "RHSA-2005:330", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-330j.html", }, { title: "TLSA-2005-52", trust: 0.8, url: "http://www.turbolinux.co.jp/security/2005/tlsa-2005-52j.txt", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2005-000202", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2005-0468", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities", }, { trust: 2.4, url: "http://www.securityfocus.com/bid/12919", }, { trust: 2.4, url: "http://www.kb.cert.org/vuls/id/341908", }, { trust: 2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2005-001-telnet.txt", }, { trust: 1.9, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1", }, { trust: 1.9, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1", }, { trust: 1.6, url: "http://www.securityfocus.com/bid/22083", }, { trust: 1.6, url: "http://secunia.com/advisories/14745/", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2005-330.html", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2005-327.html", }, { trust: 1.6, url: "http://www.debian.org/security/2005/dsa-703", }, { trust: 1.6, url: "ftp://patches.sgi.com/support/free/security/advisories/20050405-01-p", }, { trust: 1.6, url: "http://www.ubuntulinux.org/usn/usn-224-1", }, { trust: 1.6, url: "http://www.debian.de/security/2005/dsa-731", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1", }, { trust: 1.6, url: "http://secunia.com/advisories/17899", }, { trust: 1.6, url: "http://secunia.com/advisories/14745", }, { trust: 1.6, url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000962", }, { trust: 1.6, url: "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-05:01.telnet.asc", }, { trust: 1.6, url: "http://www.mandriva.com/security/advisories?name=mdksa-2005:061", }, { trust: 1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9640", }, { trust: 0.8, url: "http://www.openssl.org/news/secadv_20060928.txt", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu%23386964/index.html", }, { trust: 0.8, url: "http://secunia.com/advisories/23280/", }, { trust: 0.8, url: "http://secunia.com/advisories/23309/", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/20246", }, { trust: 0.8, url: "http://www.gzip.org/", }, { trust: 0.8, url: "http://www.auscert.org.au/7179", }, { trust: 0.8, url: "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html", }, { trust: 0.8, url: "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/", }, { trust: 0.8, url: "http://www.openssl.org/news/secadv_20060905.txt ", }, { trust: 0.8, url: "http://secunia.com/advisories/21709/", }, { trust: 0.8, url: "http://www.rsasecurity.com/rsalabs/node.asp?id=2125", }, { trust: 0.8, url: "http://www.ietf.org/rfc/rfc3447.txt", }, { trust: 0.8, url: "http://web.mit.edu/kerberos/www/...s/mitkrb5-sa-2005-001-telnet.txt ", }, { trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 ", }, { trust: 0.8, url: "http://www.auscert.org.au/5134", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0468", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu%23341908", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0468", }, { trust: 0.8, url: "http://secunia.com/advisories/15030/", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2005-0468", }, { trust: 0.5, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0468", }, { trust: 0.5, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0469", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2005-0469", }, { trust: 0.4, url: "http://lists.altlinux.ru/pipermail/security-announce/2005-march/000287.html", }, { trust: 0.4, url: "http://www.openwall.com/owl/changes-current.shtml", }, { trust: 0.4, url: "http://rhn.redhat.com/errata/rhsa-2005-327.html", }, { trust: 0.4, url: "http://rhn.redhat.com/errata/rhsa-2005-330.html", }, { trust: 0.3, url: "http://www.openbsd.org/errata.html#telnet", }, { trust: 0.3, url: "http://www.openbsd.org/errata35.html#telnet", }, { trust: 0.3, url: "http://www.pdc.kth.se/heimdal/advisory/2005-04-20/", }, { trust: 0.3, url: "http://www.uniras.gov.uk/niscc/docs/br-20051101-00969.html?lang=en", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2005-088_rhsa-2005-330.pdf", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2005-132_rhsa-2005-327.pdf", }, { trust: 0.3, url: "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000962", }, { trust: 0.3, url: "http://www.f5.com/", }, { trust: 0.3, url: "http://www.netbsd.org/", }, { trust: 0.3, url: "http://docs.info.apple.com/article.html?artnum=301061", }, { trust: 0.3, url: "/archive/1/394396", }, { trust: 0.3, url: "/archive/1/394490", }, { trust: 0.3, url: "/archive/1/394524", }, { trust: 0.3, url: "http://bugs.gentoo.org.", }, { trust: 0.3, url: "http://creativecommons.org/licenses/by-sa/2.0", }, { trust: 0.3, url: "http://security.gentoo.org/", }, { trust: 0.3, url: "http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities", }, { trust: 0.2, url: "http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/554780", }, { trust: 0.1, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/381508", }, { trust: 0.1, url: "http://secunia.com/quality_assurance_analyst/", }, { trust: 0.1, url: "http://secunia.com/product/4220/", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/773548", }, { trust: 0.1, url: "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676", }, { trust: 0.1, url: "http://secunia.com/hardcore_disassembler_and_reverse_engineer/", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/933712", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/596848", }, { trust: 0.1, url: "http://secunia.com/advisories/21996/", }, { trust: 0.1, url: "http://secunia.com/web_application_security_specialist/", }, { trust: 0.1, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200504-28.xml", }, { trust: 0.1, url: "http://www.idefense.com/poi/teams/vcp.jsp", }, { trust: 0.1, url: "http://sunsolve.sun.com/securitypatch", }, { trust: 0.1, url: "http://sunsolve.sun.com", }, { trust: 0.1, url: "http://docs.info.apple.com/article.html?artnum=61798", }, { trust: 0.1, url: "http://cve.mitre.org),", }, { trust: 0.1, url: "http://labs.idefense.com", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200504-01.xml", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200504-04.xml", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt", }, { trust: 0.1, url: "http://www.sco.com/support/security/index.html", }, { trust: 0.1, url: "http://www.sco.com/support/forums/security.html", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/index.html", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt.asc", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/index.html", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://www.debian.org/security/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://packages.debian.org/<pkg>", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/845620>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/773548>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/933712>", }, { trust: 0.1, url: "http://www.us-cert.gov/cas/techalerts/ta06-333a.html>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/596848>", }, { trust: 0.1, url: "http://www.openssl.org/news/vulnerabilities.html>", }, { trust: 0.1, url: "http://docs.info.apple.com/article.html?artnum=304829>", }, { trust: 0.1, url: "http://www.us-cert.gov/reading_room/securing_browser/#safari>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/381508>", }, { trust: 0.1, url: "http://www.apple.com/support/downloads/>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928>", }, { trust: 0.1, url: "http://docs.info.apple.com/article.html?artnum=106704>", }, { trust: 0.1, url: "http://www.us-cert.gov/legal.html>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/554780>", }, ], sources: [ { db: "CERT/CC", id: "VU#386964", }, { db: "CERT/CC", id: "VU#773548", }, { db: "CERT/CC", id: "VU#845620", }, { db: "CERT/CC", id: "VU#341908", }, { db: "BID", id: "12919", }, { db: "JVNDB", id: "JVNDB-2005-000202", }, { db: "PACKETSTORM", id: "50178", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36841", }, { db: "PACKETSTORM", id: "36938", }, { db: "PACKETSTORM", id: "37029", }, { db: "PACKETSTORM", id: "37094", }, { db: "PACKETSTORM", id: "36854", }, { db: "PACKETSTORM", id: "36947", }, { db: "PACKETSTORM", id: "52708", }, { db: "CNNVD", id: "CNNVD-200505-503", }, { db: "NVD", id: "CVE-2005-0468", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#386964", }, { db: "CERT/CC", id: "VU#773548", }, { db: "CERT/CC", id: "VU#845620", }, { db: "CERT/CC", id: "VU#341908", }, { db: "BID", id: "12919", }, { db: "JVNDB", id: "JVNDB-2005-000202", }, { db: "PACKETSTORM", id: "50178", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36841", }, { db: "PACKETSTORM", id: "36938", }, { db: "PACKETSTORM", id: "37029", }, { db: "PACKETSTORM", id: "37094", }, { db: "PACKETSTORM", id: "36854", }, { db: "PACKETSTORM", id: "36947", }, { db: "PACKETSTORM", id: "52708", }, { db: "CNNVD", id: "CNNVD-200505-503", }, { db: "NVD", id: "CVE-2005-0468", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2006-09-28T00:00:00", db: "CERT/CC", id: "VU#386964", }, { date: "2006-09-19T00:00:00", db: "CERT/CC", id: "VU#773548", }, { date: "2006-09-11T00:00:00", db: "CERT/CC", id: "VU#845620", }, { date: "2005-04-01T00:00:00", db: "CERT/CC", id: "VU#341908", }, { date: "2005-03-28T00:00:00", db: "BID", id: "12919", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000202", }, { date: "2006-09-21T23:56:25", db: "PACKETSTORM", id: "50178", }, { date: "2005-06-24T07:12:08", db: "PACKETSTORM", id: "38276", }, { date: "2005-03-29T05:19:36", db: "PACKETSTORM", id: "36841", }, { date: "2005-04-14T07:02:43", db: "PACKETSTORM", id: "36938", }, { date: "2005-04-17T18:36:49", db: "PACKETSTORM", id: "37029", }, { date: "2005-04-18T05:54:33", db: "PACKETSTORM", id: "37094", }, { date: "2005-03-29T19:42:54", db: "PACKETSTORM", id: "36854", }, { date: "2005-04-14T07:43:25", db: "PACKETSTORM", id: "36947", }, { date: "2006-12-06T02:47:36", db: "PACKETSTORM", id: "52708", }, { date: "2005-03-29T00:00:00", db: "CNNVD", id: "CNNVD-200505-503", }, { date: "2005-05-02T04:00:00", db: "NVD", id: "CVE-2005-0468", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#386964", }, { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#773548", }, { date: "2007-02-08T00:00:00", db: "CERT/CC", id: "VU#845620", }, { date: "2005-07-28T00:00:00", db: "CERT/CC", id: "VU#341908", }, { date: "2007-02-22T18:56:00", db: "BID", id: "12919", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000202", }, { date: "2006-09-22T00:00:00", db: "CNNVD", id: "CNNVD-200505-503", }, { date: "2017-10-11T01:29:56.217000", db: "NVD", id: "CVE-2005-0468", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "36841", }, { db: "PACKETSTORM", id: "52708", }, { db: "CNNVD", id: "CNNVD-200505-503", }, ], trust: 0.8, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenSSL SSLv2 client code fails to properly check for NULL", sources: [ { db: "CERT/CC", id: "VU#386964", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-200505-503", }, ], trust: 0.6, }, }
var-200505-0163
Vulnerability from variot
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. A remote buffer-overflow vulnerability affects multiple vendors' Telnet client. This issue is due to the application's failure to properly validate the length of user-supplied strings before copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: Sun SEAM Telnet Client Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID: SA15030
VERIFY ADVISORY: http://secunia.com/advisories/15030/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Sun SEAM 1.x http://secunia.com/product/1006/
DESCRIPTION: Sun has acknowledged some vulnerabilities in SEAM, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA14745
SOLUTION: The vendor suggests removing the execute permissions from "/usr/krb5/bin/telnet".
ORIGINAL ADVISORY: Sun Microsystems: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
OTHER REFERENCES: SA14745: http://secunia.com/advisories/14745/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.
For the old stable distribution (woody) this problem has been fixed in version 0.4e-7.woody.11.
For the stable distribution (sarge) this problem has been fixed in version 0.6.3-10.
For the unstable distribution (sid) this problem has been fixed in version 0.6.3-10.
We recommend that you upgrade your heimdal package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc
Size/MD5 checksum: 1065 8fc37ea432a8120da0f370b0b2c9125b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz
Size/MD5 checksum: 1295043 b27c9a952ed6a53698d654b2dbca9b52
http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz
Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8
Architecture independent components:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb
Size/MD5 checksum: 1056336 e6f819c78b38e6c9b854104879a82a76
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb
Size/MD5 checksum: 20298 630b472eea6aef8b53ed678ebd6d9676
Alpha architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 275276 12437fc71585df2debc30260d44881ae
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 61016 e28f3db25cf9fced15d07c9843d0bb7f
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 573726 fcd82b8d22e86f0f67b188e5a182aad9
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 135164 67d1f00e15b893fbd7f1a0009eb9047c
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 181834 7860ca01ee394b8200487356546fe94e
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 39864 f631f57c94a0554e3daa62b6f3029999
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 65534 6b3fa215d70b35e71ec21545d3db48db
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 23892 fc3c8e707764634638083acb5b4b6312
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 43368 269a6e04b6e7db823a237b7af6812eb3
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 41880 0e9ca330caa8ae710f8594d156065e0c
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 33922 2d774846eed21710c9c9cf19e9af2cf8
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 44744 d154ba1ed49d1458ee2707d021d1e8b8
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 31484 d22c13f1da35553ba942274dec958959
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 134054 3261ce8e03209f64748d4e05fcf47bc3
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 65944 5a5aeea7b73b37b3604d9d3d43991881
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 59356 80c67e5e8bba2ffeaad753a6dd5173be
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 28538 700352c1de8dd30a37f95da03d5ad9ce
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 29424 91458eb256f4d7b446f8d3899f751193
ARM architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 227174 8ab44db32ee205256ca597197eff9427
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 53968 ca664151450031013a9bfb0dd5fb32af
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 441598 25127b23b893ba6515cbb9be7dee0ebd
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 110266 ec3cde13087c74757744ca9bfebe00d5
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 148006 ee02412bfd96d484a147e5e8c06f40ee
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 35538 aa3e74b814fcdb1abb401f11eb8842e1
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 57216 4081aad0b651d131f3424980879bc861
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 23412 03b68670c37f4a4cc8fee59f4023e903
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 38594 7a3315d21fdf7c3854bba5e17bca1e11
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 38298 0f16402f3694c2bb1d4cc4450df540e4
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 31850 3e1bd368481f666f6d7b2ec2dc4ed912
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 40000 024228d74f0a589c73e31688cbb9f3e1
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 29842 9e7ef427e9d3fd277ca8448d3078a2b6
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 112472 3fc814c80adaaace125166bd8cd013d3
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 51960 b48f25ea15d3e65d6444ce5960213d32
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 53414 fdd7b63f63ffea2ef5e4574528419baf
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 28918 a15c818745634dee06c40610b66a92f6
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 29636 e97a487116f2367299decb51cccc098f
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 219936 7cd4a7ae4c56f3a1a4700fea756b62c3
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 52704 a64eea9e99a5dffeb211167f2edfac7b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 405344 d5d263dba7f36d95ac5344d750abd1f0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 109934 37fab8f1c45a897a7a063641133789d5
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 144312 21570cc9e367ab0ccb89a011a56b2177
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 35670 039764b15c3a1e18703cc1fa2773c97e
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 59842 4a1a98a52cbc2d86d4c5adf088bec1e3
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 23304 ad9ed998a1ae50e6dd5368c07ed5db7d
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 38682 5170e1500eba0b17baedc95e6e763063
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 38612 425b8857ddb2105a6d2ec9399eeeef4e
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 32068 6cb760663c089906b9c8cc89c1395f34
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 40062 9f9d04c843ae164bbdf28b7d1a4ede7f
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 29712 a375688e6029d5fae6ae4e3662ed88b1
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 111312 1ea1a0a7b36935fa1d3fbaf508530a94
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 51816 935711339e95322f578622bf3271c4fd
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 51696 223796e010ca4be9e927c438ffa921ac
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 27500 4b5382836ff3c4f1bdcff2a30e7a97ba
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 28222 d4ea500c49786252fbb522d32fb78ee3
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 335082 762bb44529ac965fafe57a153375f8cf
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 69096 cf9fd237439d89479af7e813447c7ad5
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 613424 efacfc44d5d6bac9227bc6709e52182c
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 154164 ec762443001df7fe29a3a497ad9c14df
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 210540 d4e2c1c65f0a4f1bc1d20ca1348d3972
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 44222 87a27ba41ffc9ad9d5296ba1133ec8cc
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 82102 a1cabba1e3ab285acc9d0ec414ea5d5c
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 24782 996c48ba78eabc7a24c92eea9abf70bc
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 50174 21abd59f30af1574012e6c75d7f7d7e5
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 48600 b12ccb241bbe65a5acc1009cb41508d8
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 37744 d881400db00426478c525913366d5dcb
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 52210 81a0014eee08020f7f333f2835d089b8
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 35256 49820e0275c2f170d50531d0cf4be224
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 169750 ae2c7d4ccd96a7c495a91bb8272bf872
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 64900 421ce6b03daf43a5ca9769d95c614a34
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 68682 a3b21eb50c8757538bc234e948a3e35a
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 30710 9eb38bbec69e72e52581cd355373ced3
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 31932 e2fbc77b172c6eb54c12461333f00ef1
HP Precision architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 256874 140bdfc671e9acd9150a6995b247af34
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 57454 caa48211376a98c67e03d068e6fbeb6f
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 516072 ae166665afe33ad8e24ae155e74e7bce
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 119300 8b7fae0ab762cb2522db9b78d8c0d186
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 162998 c4c23fcc53e97f070b5d528eb163af00
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 37784 dbf2fb481981fe63a558447139c5b7bb
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 69388 fbd6ba202c666b7c8b27686fb309f528
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 23946 96ab72df3ae02e9822a52fa4d0fe08c2
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 42206 50ce55dbed833c43a58c7b5913249754
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 43540 8b1c4044113c1021717ef3c5b79686d6
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 34384 ce7f69712e2af6ec72bbddaaa4a4ed9d
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 45178 2148edf895d480b315fd5236a82af8be
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 32060 966345ea7709602258fefcc66b75c2a3
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 139936 a1917b6ae317b87749a7ea8b6c68cc96
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 70198 5350eedbce161c1c2cd09d780a80e8ae
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 60560 722387dd2747e994d49335669ea93449
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 30790 07abee4e10bd0f2834292aa9aed0351c
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 31656 a2601adf14c97c6339e5eece745b61ed
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 211826 b3a51143513404c3a58869ccdc980352
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 52172 05037589546d7bad9cf0fdc47c9b234a
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 399312 bdec29fdaa096cfb4205448ca30debdf
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 105690 104bd645147011b71b3d4250083df27d
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 138286 5f206db56db8e0c610eb17349f6da5be
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 35156 c55f2924284487b4169a9d52f3b79f18
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 55500 b0b11055a2b744a20688eda87678f24c
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 23424 3e66bc4d54685e4cbafc1a53dcb7e4cf
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 38200 296ae362e7a9483e866f959ad4a5832b
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 37984 aa745d6da276a877a415fd66a06128d8
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 31712 9af44dffde45b673760c7991606eb312
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 39850 606e9fe193e34f3ae1ea864e3a9e21bd
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 29436 ba92cf45fc7bfed068cc3de3d63220ee
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 111036 ade91cc8a12d1d5a3e57e4762a68a060
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 68726 77f24b45977cb9e3e729ee64d4e3ec4b
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 49958 4967192c48b8ad8bc1f0c0b244635616
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 27460 883c720bb718cd60dbe9f38c8792c2e0
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 28192 88b86afb0a2b04da8785c165402d7727
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 248918 005efbd5408a65d580e0c4d8ed8ed80b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 55564 4aa128a89c3f5b8dd3529e89e3d27f37
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 505212 d8dda2a0131d90cf29d9e299d28b356b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 114882 5102fbf99e5f52569a22a2c17748a520
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 160242 cf112ed81fdf868ab6efb07ef93ac2d7
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 37388 6a46e03e6fdbd7e4803ef2fb1370c699
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 58340 086cf69030b957bbe6cd27516f717f29
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 23590 15c7586e6b6cd94e3c3a559e980e5645
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 39534 755f9ee7cd757674e4d569ae01ec9474
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 39014 7199130531d369f8c8bd8178ae66158f
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 32122 8d128559a4e7b55a8309c7ded954ea93
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 40734 cd594016cfb45138345f8d19f824d5b2
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 30376 946da152608b5d49ed90edb152946442
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 120610 42e1d7253a98a12279a61bc3b12bfe10
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 57476 f4e2d9e86dc852068faad25bb8e78ca5
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 53346 974a501c32c765c9063ca0b1bf0100b3
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 28520 fa5ce3789529406ce6c62f6fb24e46b2
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 29186 8736a50aa2789aaed507714ebd298240
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 248064 8891058ed6fc8826f4bd57d5b8eb26b1
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 55550 559be15f2dc64fffea360f5281660435
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 499388 8c838954ef0b75815fc8eedb3fc7559f
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 114840 5d87f1b1d7dddf6d4087730b810d3d5d
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 160350 cae061acf36faa4acc76abf8640051f8
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 37308 b14e3b3f5c4ef1c9bb0615a9c2dace69
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 57946 acc5e0cee40880946eb211fb6d395f2c
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 23590 4b376e0c25d261f8eaa64e8a8bbd3d8c
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 39220 5c6c245272b4b80fadd56f2248f7861e
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 38712 e57c37dc5afcb2d09d684b759ac33f77
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 32044 dc3622de31025834023b1c2e68ef3246
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 40354 9ffa12ee944c9def479add6f18db7dc1
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 30352 69ea54f0432371140f802ac1a2e6f1ff
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 119520 307afbe2f26e9db953abb82c7d305799
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 52682 07759311f573f201c3187808f0955b54
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 53410 4033254bfa0482ec101e9de313ba5bfd
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 28588 71be890e75aa25f27cac29437ba3b4cb
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 29268 8260428b6857d0b2bf127f47d8082f66
PowerPC architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 228262 a5c5faca2967096b1a364c13740d32df
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 53894 552c568c50d62e54a5e96daa2bb87c1c
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 466526 a50ed6bb5e236c8d6db8243734803ea0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 110132 4c947ba0c94cef3629eaa0f7eac8c2a1
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 149254 722d7ced6894cefd14f68e446af458db
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 36230 dfbe16f671521b1515c9c8c9265a5342
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 57226 cfea58fb03d07ed85d674df21f1c7e7e
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 23580 7d63a22a980a14030126cfa322243ffc
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 39364 f6e7d32e6da45f8d5893e1d681eb9788
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 38630 1a815e315e9650a39f9c685fa8861846
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 31794 b54c265e1578e0f40cc7a683d6b8c742
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 40104 7dd0775da038d1b34428efd6bffa4b6c
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 30246 a7a5c8635a3c1c9b508e8af3dd05d44f
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 118918 2f21bb221eef3fb8ab9caa3006dae794
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 69400 7d1bb7b9e83a7ed9cf53cb5d385e9447
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 53826 fe4212f691d675bf1f682d17329c6c5e
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 28744 0012158f14e5fff7ec9988e2d7939cf6
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 29560 58921e138af421a9ea48d7a35b728f01
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 235020 45fae34704d01f03b5e0dd716bf91e90
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 55710 9cd974e488c7bc3a8430d01fe5dd6ad0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 433342 d6affed884050cffe8776f79ed749897
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 116002 7d68b959b4d7897179273c0d795c4a21
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 153824 6de2ef670834b0b22cde0888637d81a6
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 36982 fc870d47a3a23441cb83452904bed977
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 58358 ccf0873fd87a468e71c2d2745fcc0284
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 23664 6229dd41d0719f3a8b5fbafa81221584
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 41084 ed1f1756f66cfa655b04e77c02308fa3
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 39846 edc6789b94dc803b6e59efb287151162
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 33028 f74bb90f54953af275deadb3a09beedc
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 41900 81aa709bde50ea906d512637db5412df
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 30394 4055618b16374db57fcbe27264e35f61
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 125432 4e1b2fd68cdb66d210b5860870654a81
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 69554 606b376355b9392208cbba9cd43d6e0a
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 54608 a2f3303e3a1bb49e47ed0f68673509b2
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 28688 2df7664e3ff5a1173c62575184c674e8
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 29510 6b28d5ca95a5e09b74989bc1f6f81c14
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 227226 513f1a6c24c6b815470078cc0e2ee72e
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 54026 52d920d2cfcf8e208e3a04afc2983751
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 430544 7819784bedbc84d394ca11ed42c2c9e4
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 107728 c694c5e1d66d5985aaf2bf4eda793ba0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 151578 07eb106e95368b5dec91521907398d1d
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 35636 1eab2cc36c7adc947b5e2fa70800e9b8
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 54854 eb29480cce8645f5bb72f2f2694b2f26
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 26260 9ddcdbc49b997c4dc903a651e3007877
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 39100 cf636dca0a94f193f46bcf88db439672
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 38004 28e82ffa12af5c90df707e686ef29906
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 31738 c70af19b2e2f73f1359208f0f8ce59b6
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 39884 cb269f527e83ae03a9b2db051a487fa8
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 29702 925140a648da199ef7338bf415f605db
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 112400 5c9329c597ca1448ed158e30b4f7895a
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 58340 473a1c45ba02d9c84bb786ee116a46bd
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 55444 0272fc78d38e0c1d3dd7176e412504e2
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 28256 a33d2dbf32502d3f3caf3917e82c5ffe
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 28954 28a7aed2ab84250549c5e64ac987e00c
These files will probably be moved into the stable distribution on its next update. BACKGROUND
The TELNET protocol allows virtual network terminals to be connected to over the internet. The initial description of the protocol was given in RFC854 in May 1983. Since then there have been many extra features added including encryption.
II.
The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer.
III. It may be possible to automatically launch the telnet command from a webpage, for example:
On opening this page the telnet client may be launched and attempt to connect to the host 'malicious.server'. IV. DETECTION iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. V. WORKAROUND iDEFENSE is currently unaware of any effective workarounds for this vulnerability. VI. VENDOR RESPONSE The following vendors have provided official responses related to this vulnerability. Other vendors may be affected but have not provided an official response. Vulnerable: - ALT Linux All supported ALT Linux distributions include telnet client derived from OpenBSD 3.0. Updated packages with fixes for these issues will be released on March 28, 2005. http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html - Apple Computer, Inc. Component: Telnet Available for: Mac OS X 10.3.8, Mac OS X Server 10.3.8 This is fixed in Security Update 2005-003, which is available at http://docs.info.apple.com/article.html?artnum=61798 - FreeBSD FreeBSD-SA-05:01.telnet security advisory: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc - MIT (Kerberos) This vulnerability is covered in the following upcoming advisory: MITKRB5-SA-2005-001: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt patch against krb5-1.4: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt - Openwall Project The bugs are fixed starting with telnet package version 3.0-owl2. http://www.openwall.com/Owl/CHANGES-current.shtml - Red Hat, Inc. Red Hat Enterprise Linux ships with telnet and krb5 packages vulnerable to this issue. New telnet and krb5 packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Red Hat Enterprise Linux - telnet http://rhn.redhat.com/errata/RHSA-2005-330.html Red Hat Enterprise Linux - krb5 http://rhn.redhat.com/errata/RHSA-2005-327.html - Sun Microsystems Inc. Sun confirms that the telnet(1) vulnerabilities do affect all currently supported versions of Solaris: Solaris 7, 8, 9 and 10 Sun has released a Sun Alert which describes a workaround until patches are available at: http://sunsolve.sun.com Sun Alert #57755 The Sun Alert will be updated with the patch information once it becomes available. Sun patches are available from: http://sunsolve.sun.com/securitypatch Not Vulnerable: - CyberSafe Limited The CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. - Hewlett-Packard Development Company, L.P. HP-UX and HP Tru64 UNIX are not vulnerable. - InterSoft International, Inc. InterSoft International, Inc. products NetTerm, SecureNetTerm and SNetTerm are not affected by the slc_add_reply() buffer overflow conditions. VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the names CAN-2005-0469 to these issues. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 02/18/2005 Initial vendor notification 03/28/2005 Coordinated public disclosure IX. CREDIT Ga\xebl Delalleau credited with this discovery. Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp Free tools, research and upcoming events http://labs.idefense.com X. LEGAL NOTICES Copyright \xa9 2005 iDEFENSE, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. This is a multi-part message in MIME format. Background ========== netkit-telnetd provides standard Linux telnet client and server. Workaround ========== There is no known workaround at this time. Resolution ========== All netkit-telnetd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/netkit-telnetd-0.17-r6" References ========== [ 1 ] CAN-2005-0469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 [ 2 ] iDEFENSE Advisory 03-28-05 http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200503-36.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 --------------enig5AB53435F202A7CF12E5E13A Content-Type: application/pgp-signature; name="signature.asc" Content-Transfer-Encoding: 7bit Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCS97/vcL1obalX08RAqPTAJ0U96lQ6ItuSV4jrDU16XhgSX4fnwCeJ2kS RMB/LUN0B0tNRKR3DBoB0YE= =0wgI -----END PGP SIGNATURE----- --------------enig5AB53435F202A7CF12E5E13A-- . http://creativecommons.org/licenses/by-sa/2.0 Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200505-0163", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: null, trust: 1.6, vendor: "apple computer", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "f5", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "red hat", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "sun microsystems", version: null, }, { model: "telnet", scope: "eq", trust: 1, vendor: "ncsa", version: "*", }, { model: null, scope: null, trust: 0.8, vendor: "conectiva", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "freebsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gentoo linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "heimdal", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mandrakesoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openwall gnu linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sco unix", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sgi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mandriva", version: null, }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "5 (krb5-1.4.1 )", }, { model: "seil/neu", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "ver. 2.x firmware version 2.10(jamming) ~ 2.27(ridge)", }, { model: "seil/plus", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "firmware version 1.00(snappy) ~ 1.51(swisssingle)", }, { model: "seil/turbo", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "firmware version 1.10(aberdeen) ~ 1.51(riodell)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.0", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.1", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3.0", }, { model: "seam", scope: "lte", trust: 0.8, vendor: "sun microsystems", version: "1.0.2", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (x86)", }, { model: "turbolinux", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "10_f", }, { model: "turbolinux appliance server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "1.0 (hosting)", }, { model: "turbolinux appliance server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "1.0 (workgroup)", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "10", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "8", }, { model: "home", scope: null, trust: 0.8, vendor: "turbo linux", version: null, }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (ws)", }, { model: "irix", scope: "eq", trust: 0.6, vendor: "sgi", version: "4.0.5", }, { model: "telnet", scope: null, trust: 0.6, vendor: "ncsa", version: null, }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "e", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.4", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.20", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.14", }, { model: "openbsd", scope: "eq", trust: 0.3, vendor: "openbsd", version: "3.5", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.16", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "mn100", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "s8500 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.4", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "4.10-prerelease", scope: null, trust: 0.3, vendor: "freebsd", version: null, }, { model: "irix .19m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6.2", }, { model: "irix e", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "solaris 8 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.18", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "openbsd", scope: "eq", trust: 0.3, vendor: "openbsd", version: "3.6", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1x86", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "linux enterprise server for s/390", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "9.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "linux i686", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.9", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6.3", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.14", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "-release-p20", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.17", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.27", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "solaris 7.0 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "linux mipsel", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix t", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.16", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.3", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.20", }, { model: "linux mipsel", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "9", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.17", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.3", }, { model: "-stablepre122300", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.23", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "5.04", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.12", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.20", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0.x", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3.2", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "advanced workstation for the itanium processor", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.18", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.03", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.0", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.11", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "secure linux", scope: "eq", trust: 0.3, vendor: "trustix", version: "2.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "8.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.25", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "-stablepre2002-03-07", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "7", }, { model: "intuity lx", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.14", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "2.0", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.17.17", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "2.0.2", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.18", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "solaris 8 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "alpha", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "cvlan", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.1", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.14", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "5.04", }, { model: "fedora core1", scope: null, trust: 0.3, vendor: "redhat", version: null, }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.15", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "7.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix g", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "-release-p5", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "5.04", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.1", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "-stablepre050201", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.21", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "linux alt linux compact", scope: "eq", trust: 0.3, vendor: "alt", version: "2.3", }, { model: "converged communications server", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.1", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.10", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.1", }, { model: "s8500 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "s8700 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "irix xfs", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.3", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.10", }, { model: "linux alt linux junior", scope: "eq", trust: 0.3, vendor: "alt", version: "2.3", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "9.0", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.17", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.1", }, { model: "irix a", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "gnu/*/linux", scope: "eq", trust: 0.3, vendor: "openwall", version: "1.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.21", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.2", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "irix d", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "-release-p7", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "-release-p32", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.22", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "secure linux", scope: "eq", trust: 0.3, vendor: "trustix", version: "2.2", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "gnu/*/linux -current", scope: null, trust: 0.3, vendor: "openwall", version: null, }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "10.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.24", }, { model: "s8300 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.6.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.15", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "2.0.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.4", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.1.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "-release-p38", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "gnu/*/linux", scope: "eq", trust: 0.3, vendor: "openwall", version: "1.1", }, { model: "s8710 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "heimdal", scope: "ne", trust: 0.3, vendor: "heimdal", version: "0.6.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.10", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.15", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.0", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.3", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "irix .19f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "8.2", }, { model: "irix t", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.16", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.0", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "10.0", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.6", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "redhat", version: "9.0", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.22", }, { model: "linux m68k", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.4", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.23", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "linux hppa", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux m68k", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.3", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "irix h", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "irix b", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.4", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.9", }, { model: "linux hppa", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.26", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "s8710 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.2", }, { model: "modular messaging s3400", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.24", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0", }, { model: "linux -current", scope: null, trust: 0.3, vendor: "slackware", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "propack", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.0", }, { model: "irix ipr", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux desktop", scope: "eq", trust: 0.3, vendor: "suse", version: "1.0", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.9", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "advanced workstation for the itanium processor ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "irix xfs", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.0.1", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "5.2", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.0.1", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "-release-p17", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.7", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "secure enterprise linux", scope: "eq", trust: 0.3, vendor: "trustix", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "s8300 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "5.0.1", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "4.0.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.520", }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.8", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.6", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "heimdal", scope: "eq", trust: 0.3, vendor: "heimdal", version: "0.5.0", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.15", }, { model: "solaris 10 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.21", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "s8700 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.9", }, { model: "netbsd", scope: "ne", trust: 0.3, vendor: "netbsd", version: "2.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "irix m", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.16", }, { model: "irix f", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "3.1", }, { model: "solaris 9 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.9", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.17", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "-release-p42", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.4", }, ], sources: [ { db: "CERT/CC", id: "VU#341908", }, { db: "CERT/CC", id: "VU#291924", }, { db: "BID", id: "12918", }, { db: "JVNDB", id: "JVNDB-2005-000203", }, { db: "CNNVD", id: "CNNVD-200505-613", }, { db: "NVD", id: "CVE-2005-0469", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:ncsa:telnet:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2005-0469", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Gael DelalleauiDEFENSE Labs labs@idefense.com", sources: [ { db: "CNNVD", id: "CNNVD-200505-613", }, ], trust: 0.6, }, cve: "CVE-2005-0469", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2005-0469", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2005-0469", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#341908", trust: 0.8, value: "29.95", }, { author: "CARNEGIE MELLON", id: "VU#291924", trust: 0.8, value: "12.60", }, { author: "CNNVD", id: "CNNVD-200505-613", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#341908", }, { db: "CERT/CC", id: "VU#291924", }, { db: "JVNDB", id: "JVNDB-2005-000203", }, { db: "CNNVD", id: "CNNVD-200505-613", }, { db: "NVD", id: "CVE-2005-0469", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. A remote buffer-overflow vulnerability affects multiple vendors' Telnet client. This issue is due to the application's failure to properly validate the length of user-supplied strings before copying them into static process buffers. \nAn attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation. \n\n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nSun SEAM Telnet Client Buffer Overflow Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA15030\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15030/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n>From remote\n\nSOFTWARE:\nSun SEAM 1.x\nhttp://secunia.com/product/1006/\n\nDESCRIPTION:\nSun has acknowledged some vulnerabilities in SEAM, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nFor more information:\nSA14745\n\nSOLUTION:\nThe vendor suggests removing the execute permissions from\n\"/usr/krb5/bin/telnet\". \n\nORIGINAL ADVISORY:\nSun Microsystems:\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1\n\nOTHER REFERENCES:\nSA14745:\nhttp://secunia.com/advisories/14745/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Heimdal, a free implementation\nof Kerberos 5, also contains such a client. This can lead to the\nexecution of arbitrary code when connected to a malicious server. \n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.11. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10. \n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.6.3-10. \n\nWe recommend that you upgrade your heimdal package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc\n Size/MD5 checksum: 1065 8fc37ea432a8120da0f370b0b2c9125b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz\n Size/MD5 checksum: 1295043 b27c9a952ed6a53698d654b2dbca9b52\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz\n Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb\n Size/MD5 checksum: 1056336 e6f819c78b38e6c9b854104879a82a76\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb\n Size/MD5 checksum: 20298 630b472eea6aef8b53ed678ebd6d9676\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 275276 12437fc71585df2debc30260d44881ae\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 61016 e28f3db25cf9fced15d07c9843d0bb7f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 573726 fcd82b8d22e86f0f67b188e5a182aad9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 135164 67d1f00e15b893fbd7f1a0009eb9047c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 181834 7860ca01ee394b8200487356546fe94e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 39864 f631f57c94a0554e3daa62b6f3029999\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 65534 6b3fa215d70b35e71ec21545d3db48db\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 23892 fc3c8e707764634638083acb5b4b6312\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 43368 269a6e04b6e7db823a237b7af6812eb3\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 41880 0e9ca330caa8ae710f8594d156065e0c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 33922 2d774846eed21710c9c9cf19e9af2cf8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 44744 d154ba1ed49d1458ee2707d021d1e8b8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 31484 d22c13f1da35553ba942274dec958959\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 134054 3261ce8e03209f64748d4e05fcf47bc3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 65944 5a5aeea7b73b37b3604d9d3d43991881\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 59356 80c67e5e8bba2ffeaad753a6dd5173be\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 28538 700352c1de8dd30a37f95da03d5ad9ce\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 29424 91458eb256f4d7b446f8d3899f751193\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 227174 8ab44db32ee205256ca597197eff9427\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 53968 ca664151450031013a9bfb0dd5fb32af\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 441598 25127b23b893ba6515cbb9be7dee0ebd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 110266 ec3cde13087c74757744ca9bfebe00d5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 148006 ee02412bfd96d484a147e5e8c06f40ee\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 35538 aa3e74b814fcdb1abb401f11eb8842e1\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 57216 4081aad0b651d131f3424980879bc861\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 23412 03b68670c37f4a4cc8fee59f4023e903\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 38594 7a3315d21fdf7c3854bba5e17bca1e11\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 38298 0f16402f3694c2bb1d4cc4450df540e4\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 31850 3e1bd368481f666f6d7b2ec2dc4ed912\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 40000 024228d74f0a589c73e31688cbb9f3e1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 29842 9e7ef427e9d3fd277ca8448d3078a2b6\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 112472 3fc814c80adaaace125166bd8cd013d3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 51960 b48f25ea15d3e65d6444ce5960213d32\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 53414 fdd7b63f63ffea2ef5e4574528419baf\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 28918 a15c818745634dee06c40610b66a92f6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 29636 e97a487116f2367299decb51cccc098f\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 219936 7cd4a7ae4c56f3a1a4700fea756b62c3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 52704 a64eea9e99a5dffeb211167f2edfac7b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 405344 d5d263dba7f36d95ac5344d750abd1f0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 109934 37fab8f1c45a897a7a063641133789d5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 144312 21570cc9e367ab0ccb89a011a56b2177\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 35670 039764b15c3a1e18703cc1fa2773c97e\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 59842 4a1a98a52cbc2d86d4c5adf088bec1e3\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 23304 ad9ed998a1ae50e6dd5368c07ed5db7d\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 38682 5170e1500eba0b17baedc95e6e763063\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 38612 425b8857ddb2105a6d2ec9399eeeef4e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 32068 6cb760663c089906b9c8cc89c1395f34\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 40062 9f9d04c843ae164bbdf28b7d1a4ede7f\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 29712 a375688e6029d5fae6ae4e3662ed88b1\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 111312 1ea1a0a7b36935fa1d3fbaf508530a94\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 51816 935711339e95322f578622bf3271c4fd\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 51696 223796e010ca4be9e927c438ffa921ac\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 27500 4b5382836ff3c4f1bdcff2a30e7a97ba\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 28222 d4ea500c49786252fbb522d32fb78ee3\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 335082 762bb44529ac965fafe57a153375f8cf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 69096 cf9fd237439d89479af7e813447c7ad5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 613424 efacfc44d5d6bac9227bc6709e52182c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 154164 ec762443001df7fe29a3a497ad9c14df\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 210540 d4e2c1c65f0a4f1bc1d20ca1348d3972\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 44222 87a27ba41ffc9ad9d5296ba1133ec8cc\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 82102 a1cabba1e3ab285acc9d0ec414ea5d5c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 24782 996c48ba78eabc7a24c92eea9abf70bc\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 50174 21abd59f30af1574012e6c75d7f7d7e5\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 48600 b12ccb241bbe65a5acc1009cb41508d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 37744 d881400db00426478c525913366d5dcb\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 52210 81a0014eee08020f7f333f2835d089b8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 35256 49820e0275c2f170d50531d0cf4be224\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 169750 ae2c7d4ccd96a7c495a91bb8272bf872\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 64900 421ce6b03daf43a5ca9769d95c614a34\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 68682 a3b21eb50c8757538bc234e948a3e35a\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 30710 9eb38bbec69e72e52581cd355373ced3\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 31932 e2fbc77b172c6eb54c12461333f00ef1\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 256874 140bdfc671e9acd9150a6995b247af34\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 57454 caa48211376a98c67e03d068e6fbeb6f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 516072 ae166665afe33ad8e24ae155e74e7bce\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 119300 8b7fae0ab762cb2522db9b78d8c0d186\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 162998 c4c23fcc53e97f070b5d528eb163af00\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 37784 dbf2fb481981fe63a558447139c5b7bb\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 69388 fbd6ba202c666b7c8b27686fb309f528\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 23946 96ab72df3ae02e9822a52fa4d0fe08c2\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 42206 50ce55dbed833c43a58c7b5913249754\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 43540 8b1c4044113c1021717ef3c5b79686d6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 34384 ce7f69712e2af6ec72bbddaaa4a4ed9d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 45178 2148edf895d480b315fd5236a82af8be\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 32060 966345ea7709602258fefcc66b75c2a3\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 139936 a1917b6ae317b87749a7ea8b6c68cc96\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 70198 5350eedbce161c1c2cd09d780a80e8ae\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 60560 722387dd2747e994d49335669ea93449\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 30790 07abee4e10bd0f2834292aa9aed0351c\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 31656 a2601adf14c97c6339e5eece745b61ed\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 211826 b3a51143513404c3a58869ccdc980352\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 52172 05037589546d7bad9cf0fdc47c9b234a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 399312 bdec29fdaa096cfb4205448ca30debdf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 105690 104bd645147011b71b3d4250083df27d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 138286 5f206db56db8e0c610eb17349f6da5be\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 35156 c55f2924284487b4169a9d52f3b79f18\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 55500 b0b11055a2b744a20688eda87678f24c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 23424 3e66bc4d54685e4cbafc1a53dcb7e4cf\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 38200 296ae362e7a9483e866f959ad4a5832b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 37984 aa745d6da276a877a415fd66a06128d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 31712 9af44dffde45b673760c7991606eb312\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 39850 606e9fe193e34f3ae1ea864e3a9e21bd\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 29436 ba92cf45fc7bfed068cc3de3d63220ee\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 111036 ade91cc8a12d1d5a3e57e4762a68a060\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 68726 77f24b45977cb9e3e729ee64d4e3ec4b\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 49958 4967192c48b8ad8bc1f0c0b244635616\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 27460 883c720bb718cd60dbe9f38c8792c2e0\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 28192 88b86afb0a2b04da8785c165402d7727\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 248918 005efbd5408a65d580e0c4d8ed8ed80b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 55564 4aa128a89c3f5b8dd3529e89e3d27f37\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 505212 d8dda2a0131d90cf29d9e299d28b356b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 114882 5102fbf99e5f52569a22a2c17748a520\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 160242 cf112ed81fdf868ab6efb07ef93ac2d7\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 37388 6a46e03e6fdbd7e4803ef2fb1370c699\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 58340 086cf69030b957bbe6cd27516f717f29\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 23590 15c7586e6b6cd94e3c3a559e980e5645\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 39534 755f9ee7cd757674e4d569ae01ec9474\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 39014 7199130531d369f8c8bd8178ae66158f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 32122 8d128559a4e7b55a8309c7ded954ea93\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 40734 cd594016cfb45138345f8d19f824d5b2\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 30376 946da152608b5d49ed90edb152946442\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 120610 42e1d7253a98a12279a61bc3b12bfe10\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 57476 f4e2d9e86dc852068faad25bb8e78ca5\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 53346 974a501c32c765c9063ca0b1bf0100b3\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 28520 fa5ce3789529406ce6c62f6fb24e46b2\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 29186 8736a50aa2789aaed507714ebd298240\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 248064 8891058ed6fc8826f4bd57d5b8eb26b1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 55550 559be15f2dc64fffea360f5281660435\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 499388 8c838954ef0b75815fc8eedb3fc7559f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 114840 5d87f1b1d7dddf6d4087730b810d3d5d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 160350 cae061acf36faa4acc76abf8640051f8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 37308 b14e3b3f5c4ef1c9bb0615a9c2dace69\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 57946 acc5e0cee40880946eb211fb6d395f2c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 23590 4b376e0c25d261f8eaa64e8a8bbd3d8c\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 39220 5c6c245272b4b80fadd56f2248f7861e\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 38712 e57c37dc5afcb2d09d684b759ac33f77\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 32044 dc3622de31025834023b1c2e68ef3246\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 40354 9ffa12ee944c9def479add6f18db7dc1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 30352 69ea54f0432371140f802ac1a2e6f1ff\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 119520 307afbe2f26e9db953abb82c7d305799\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 52682 07759311f573f201c3187808f0955b54\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 53410 4033254bfa0482ec101e9de313ba5bfd\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 28588 71be890e75aa25f27cac29437ba3b4cb\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 29268 8260428b6857d0b2bf127f47d8082f66\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 228262 a5c5faca2967096b1a364c13740d32df\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 53894 552c568c50d62e54a5e96daa2bb87c1c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 466526 a50ed6bb5e236c8d6db8243734803ea0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 110132 4c947ba0c94cef3629eaa0f7eac8c2a1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 149254 722d7ced6894cefd14f68e446af458db\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 36230 dfbe16f671521b1515c9c8c9265a5342\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 57226 cfea58fb03d07ed85d674df21f1c7e7e\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 23580 7d63a22a980a14030126cfa322243ffc\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 39364 f6e7d32e6da45f8d5893e1d681eb9788\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 38630 1a815e315e9650a39f9c685fa8861846\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 31794 b54c265e1578e0f40cc7a683d6b8c742\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 40104 7dd0775da038d1b34428efd6bffa4b6c\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 30246 a7a5c8635a3c1c9b508e8af3dd05d44f\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 118918 2f21bb221eef3fb8ab9caa3006dae794\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 69400 7d1bb7b9e83a7ed9cf53cb5d385e9447\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 53826 fe4212f691d675bf1f682d17329c6c5e\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 28744 0012158f14e5fff7ec9988e2d7939cf6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 29560 58921e138af421a9ea48d7a35b728f01\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 235020 45fae34704d01f03b5e0dd716bf91e90\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 55710 9cd974e488c7bc3a8430d01fe5dd6ad0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 433342 d6affed884050cffe8776f79ed749897\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 116002 7d68b959b4d7897179273c0d795c4a21\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 153824 6de2ef670834b0b22cde0888637d81a6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 36982 fc870d47a3a23441cb83452904bed977\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 58358 ccf0873fd87a468e71c2d2745fcc0284\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 23664 6229dd41d0719f3a8b5fbafa81221584\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 41084 ed1f1756f66cfa655b04e77c02308fa3\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 39846 edc6789b94dc803b6e59efb287151162\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 33028 f74bb90f54953af275deadb3a09beedc\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 41900 81aa709bde50ea906d512637db5412df\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 30394 4055618b16374db57fcbe27264e35f61\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 125432 4e1b2fd68cdb66d210b5860870654a81\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 69554 606b376355b9392208cbba9cd43d6e0a\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 54608 a2f3303e3a1bb49e47ed0f68673509b2\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 28688 2df7664e3ff5a1173c62575184c674e8\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 29510 6b28d5ca95a5e09b74989bc1f6f81c14\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 227226 513f1a6c24c6b815470078cc0e2ee72e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 54026 52d920d2cfcf8e208e3a04afc2983751\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 430544 7819784bedbc84d394ca11ed42c2c9e4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 107728 c694c5e1d66d5985aaf2bf4eda793ba0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 151578 07eb106e95368b5dec91521907398d1d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 35636 1eab2cc36c7adc947b5e2fa70800e9b8\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 54854 eb29480cce8645f5bb72f2f2694b2f26\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 26260 9ddcdbc49b997c4dc903a651e3007877\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 39100 cf636dca0a94f193f46bcf88db439672\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 38004 28e82ffa12af5c90df707e686ef29906\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 31738 c70af19b2e2f73f1359208f0f8ce59b6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 39884 cb269f527e83ae03a9b2db051a487fa8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 29702 925140a648da199ef7338bf415f605db\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 112400 5c9329c597ca1448ed158e30b4f7895a\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 58340 473a1c45ba02d9c84bb786ee116a46bd\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 55444 0272fc78d38e0c1d3dd7176e412504e2\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 28256 a33d2dbf32502d3f3caf3917e82c5ffe\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 28954 28a7aed2ab84250549c5e64ac987e00c\n\n These files will probably be moved into the stable distribution on\n its next update. BACKGROUND\n\nThe TELNET protocol allows virtual network terminals to be connected to\nover the internet. The initial description of the protocol was given in\nRFC854 in May 1983. Since then there have been many extra features added\nincluding encryption. \n\nII. \n\nThe vulnerability specifically exists in the handling of the LINEMODE\nsuboptions, in that there is no size check made on the output, which is\nstored in a fixed length buffer. \n\nIII. It may be \npossible to automatically launch the telnet command from a webpage, for \nexample:\n\n<html><body>\n<iframe src='telnet://malicious.server/'>\n</body>\n\nOn opening this page the telnet client may be launched and attempt to \nconnect to the host 'malicious.server'. \n\nIV. DETECTION\n\niDEFENSE has confirmed the existence of the vulnerability in the telnet \nclient included in the Kerberos V5 Release 1.3.6 package and the client \nincluded in the SUNWtnetc package of Solaris 5.9. \n\nV. WORKAROUND\n\niDEFENSE is currently unaware of any effective workarounds for this \nvulnerability. \n\nVI. VENDOR RESPONSE\n\nThe following vendors have provided official responses related to this\nvulnerability. Other vendors may be affected but have not provided an\nofficial response. \n\nVulnerable:\n\n- ALT Linux\nAll supported ALT Linux distributions include telnet client derived from\nOpenBSD 3.0. Updated packages with fixes for\nthese issues will be released on March 28, 2005. \nhttp://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html\n\n- Apple Computer, Inc. \nComponent: Telnet\nAvailable for: Mac OS X 10.3.8, Mac OS X Server 10.3.8\nThis is fixed in Security Update 2005-003, which is available at\nhttp://docs.info.apple.com/article.html?artnum=61798\n\n- FreeBSD\nFreeBSD-SA-05:01.telnet security advisory:\nftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc\n\n- MIT (Kerberos)\nThis vulnerability is covered in the following upcoming advisory:\nMITKRB5-SA-2005-001:\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt\npatch against krb5-1.4:\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\n\n- Openwall Project\nThe bugs are fixed starting with telnet package version 3.0-owl2. \n http://www.openwall.com/Owl/CHANGES-current.shtml\n\n- Red Hat, Inc. \nRed Hat Enterprise Linux ships with telnet and krb5 packages vulnerable\nto this issue. New telnet and krb5 packages are now available along\nwith our advisory at the URLs below and by using the Red Hat Network\n'up2date' tool. \n Red Hat Enterprise Linux - telnet\n http://rhn.redhat.com/errata/RHSA-2005-330.html\n Red Hat Enterprise Linux - krb5\n http://rhn.redhat.com/errata/RHSA-2005-327.html\n\n- Sun Microsystems Inc. \nSun confirms that the telnet(1) vulnerabilities do affect all\ncurrently supported versions of Solaris:\n Solaris 7, 8, 9 and 10\nSun has released a Sun Alert which describes a workaround until patches\nare available at:\n http://sunsolve.sun.com\n Sun Alert #57755 \nThe Sun Alert will be updated with the patch information once it becomes\navailable. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch\n\nNot Vulnerable:\n\n- CyberSafe Limited\nThe CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. \n\n- Hewlett-Packard Development Company, L.P. \nHP-UX and HP Tru64 UNIX are not vulnerable. \n\n- InterSoft International, Inc. \nInterSoft International, Inc. products NetTerm, SecureNetTerm and\nSNetTerm are not affected by the slc_add_reply() buffer overflow\nconditions. \n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nnames CAN-2005-0469 to these issues. This is a candidate for inclusion\nin the CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n02/18/2005 Initial vendor notification\n03/28/2005 Coordinated public disclosure\n\nIX. CREDIT\n\nGa\\xebl Delalleau credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. This is a multi-part message in MIME format. \n\nBackground\n==========\n\nnetkit-telnetd provides standard Linux telnet client and server. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll netkit-telnetd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/netkit-telnetd-0.17-r6\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0469\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n [ 2 ] iDEFENSE Advisory 03-28-05\n\nhttp://www.idefense.com/application/poi/display?id=220&type=vulnerabilities\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200503-36.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n\n--------------enig5AB53435F202A7CF12E5E13A\nContent-Type: application/pgp-signature;\n\tname=\"signature.asc\"\nContent-Transfer-Encoding: 7bit\nContent-Description: OpenPGP digital signature\nContent-Disposition: attachment;\n\tfilename=\"signature.asc\"\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.1 (GNU/Linux)\n\niD8DBQFCS97/vcL1obalX08RAqPTAJ0U96lQ6ItuSV4jrDU16XhgSX4fnwCeJ2kS\nRMB/LUN0B0tNRKR3DBoB0YE=\n=0wgI\n-----END PGP SIGNATURE-----\n\n--------------enig5AB53435F202A7CF12E5E13A--\n. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n", sources: [ { db: "NVD", id: "CVE-2005-0469", }, { db: "CERT/CC", id: "VU#341908", }, { db: "CERT/CC", id: "VU#291924", }, { db: "JVNDB", id: "JVNDB-2005-000203", }, { db: "BID", id: "12918", }, { db: "PACKETSTORM", id: "37506", }, { db: "PACKETSTORM", id: "38922", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36840", }, { db: "PACKETSTORM", id: "36914", }, { db: "PACKETSTORM", id: "37029", }, ], trust: 3.87, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SECUNIA", id: "14745", trust: 4, }, { db: "NVD", id: "CVE-2005-0469", trust: 3.2, }, { db: "BID", id: "12918", trust: 2.7, }, { db: "CERT/CC", id: "VU#291924", trust: 2.4, }, { db: "AUSCERT", id: "ESB-2005.0419", trust: 1.6, }, { db: "CERT/CC", id: "VU#341908", trust: 1.6, }, { db: "SECUNIA", id: "17899", trust: 1.6, }, { db: "SECUNIA", id: "15030", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2005-000203", trust: 0.8, }, { db: "FREEBSD", id: "FREEBSD-SA-05:01.TELNET", trust: 0.6, }, { db: "SUNALERT", id: "57761", trust: 0.6, }, { db: "SUNALERT", id: "57755", trust: 0.6, }, { db: "SUNALERT", id: "101665", trust: 0.6, }, { db: "SUNALERT", id: "101671", trust: 0.6, }, { db: "IDEFENSE", id: "20050328 MULTIPLE TELNET CLIENT SLC_ADD_REPLY() BUFFER OVERFLOW VULNERABILITY", trust: 0.6, }, { db: "DEBIAN", id: "DSA-731", trust: 0.6, }, { db: "DEBIAN", id: "DSA-699", trust: 0.6, }, { db: "DEBIAN", id: "DSA-703", trust: 0.6, }, { db: "DEBIAN", id: "DSA-697", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2005:330", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2005:327", trust: 0.6, }, { db: "UBUNTU", id: "USN-224-1", trust: 0.6, }, { db: "MANDRAKE", id: "MDKSA-2005:061", trust: 0.6, }, { db: "SGI", id: "20050405-01-P", trust: 0.6, }, { db: "GENTOO", id: "GLSA-200503-36", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200505-613", trust: 0.6, }, { db: "PACKETSTORM", id: "37506", trust: 0.1, }, { db: "PACKETSTORM", id: "38922", trust: 0.1, }, { db: "PACKETSTORM", id: "38276", trust: 0.1, }, { db: "PACKETSTORM", id: "36840", trust: 0.1, }, { db: "PACKETSTORM", id: "36914", trust: 0.1, }, { db: "PACKETSTORM", id: "37029", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#341908", }, { db: "CERT/CC", id: "VU#291924", }, { db: "BID", id: "12918", }, { db: "JVNDB", id: "JVNDB-2005-000203", }, { db: "PACKETSTORM", id: "37506", }, { db: "PACKETSTORM", id: "38922", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36840", }, { db: "PACKETSTORM", id: "36914", }, { db: "PACKETSTORM", id: "37029", }, { db: "CNNVD", id: "CNNVD-200505-613", }, { db: "NVD", id: "CVE-2005-0469", }, ], }, id: "VAR-200505-0163", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4615448, }, last_update_date: "2024-07-23T20:48:54.841000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "telnet", trust: 0.8, url: "http://www.miraclelinux.com/support/update/data/telnet.html", }, { title: "MITKRB5-SA-2005-001", trust: 0.8, url: "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt", }, { title: "RHSA-2005:327", trust: 0.8, url: "http://rhn.redhat.com/errata/rhsa-2005-327.html", }, { title: "RHSA-2005:330", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2005-330.html", }, { title: "Telnet ソフトウェアの脆弱性による SEIL シリーズへの影響について", trust: 0.8, url: "http://www.seil.jp/seilseries/news/snote/_snote_20050810_01.html", }, { title: "57761", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1", }, { title: "57755", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1", }, { title: "57761", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-3", }, { title: "57755", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-3", }, { title: "TLSA-2005-52", trust: 0.8, url: "http://www.turbolinux.com/security/2005/tlsa-2005-52.txt", }, { title: "RHSA-2005:327", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-327j.html", }, { title: "RHSA-2005:330", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-330j.html", }, { title: "TLSA-2005-52", trust: 0.8, url: "http://www.turbolinux.co.jp/security/2005/tlsa-2005-52j.txt", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2005-000203", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2005-0469", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.6, url: "http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities", }, { trust: 2.5, url: "http://secunia.com/advisories/14745/", }, { trust: 2.4, url: "http://www.securityfocus.com/bid/12918", }, { trust: 2, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1", }, { trust: 2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2005-001-telnet.txt", }, { trust: 1.9, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1", }, { trust: 1.6, url: "http://web.mit.edu/kerberos/www/...s/mitkrb5-sa-2005-001-telnet.txt ", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 ", }, { trust: 1.6, url: "http://www.auscert.org.au/5134", }, { trust: 1.6, url: "http://www.kb.cert.org/vuls/id/291924", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2005-330.html", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2005-327.html", }, { trust: 1.6, url: "http://www.gentoo.org/security/en/glsa/glsa-200503-36.xml", }, { trust: 1.6, url: "http://www.debian.org/security/2005/dsa-703", }, { trust: 1.6, url: "http://www.debian.org/security/2005/dsa-699", }, { trust: 1.6, url: "http://www.debian.org/security/2005/dsa-697", }, { trust: 1.6, url: "ftp://patches.sgi.com/support/free/security/advisories/20050405-01-p", }, { trust: 1.6, url: "http://www.ubuntulinux.org/usn/usn-224-1", }, { trust: 1.6, url: "http://www.debian.de/security/2005/dsa-731", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1", }, { trust: 1.6, url: "http://secunia.com/advisories/17899", }, { trust: 1.6, url: "http://secunia.com/advisories/14745", }, { trust: 1.6, url: "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-05:01.telnet.asc", }, { trust: 1.6, url: "http://www.mandriva.com/security/advisories?name=mdksa-2005:061", }, { trust: 1.2, url: "https://rhn.redhat.com/errata/rhsa-2005-327.html", }, { trust: 1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9708", }, { trust: 0.9, url: "http://secunia.com/advisories/15030/", }, { trust: 0.8, url: "http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0469", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu%23291924/index.html", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0469", }, { trust: 0.8, url: "http://www.kb.cert.org/vuls/id/341908", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2005-0469", }, { trust: 0.4, url: "http://lists.altlinux.ru/pipermail/security-announce/2005-march/000287.html", }, { trust: 0.4, url: "http://www.openwall.com/owl/changes-current.shtml", }, { trust: 0.4, url: "http://rhn.redhat.com/errata/rhsa-2005-330.html", }, { trust: 0.3, url: "http://www.openbsd.org/errata.html#telnet", }, { trust: 0.3, url: "http://www.openbsd.org/errata35.html#telnet", }, { trust: 0.3, url: "http://www.pdc.kth.se/heimdal/advisory/2005-04-20/", }, { trust: 0.3, url: "http://www.uniras.gov.uk/niscc/docs/br-20051101-00969.html?lang=en", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2005-088_rhsa-2005-330.pdf", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2005-132_rhsa-2005-327.pdf", }, { trust: 0.3, url: "http://www.f5.com/", }, { trust: 0.3, url: "http://www.idefense.com/intelligence/vulnerabilities/display.php?type=vulnerabilities&id=220", }, { trust: 0.3, url: "http://www.netbsd.org/", }, { trust: 0.3, url: "ftp://ftp.uk.linux.org/pub/linux/networking/netkit/", }, { trust: 0.3, url: "http://docs.info.apple.com/article.html?artnum=301061", }, { trust: 0.3, url: "http://bugs.gentoo.org.", }, { trust: 0.3, url: "http://creativecommons.org/licenses/by-sa/2.0", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0469", }, { trust: 0.3, url: "http://security.gentoo.org/", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0468", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2005-0468", }, { trust: 0.1, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.1, url: "http://secunia.com/product/1006/", }, { trust: 0.1, url: "http://secunia.com/secunia_vacancies/", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://www.debian.org/security/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb", }, { trust: 0.1, url: "http://packages.debian.org/<pkg>", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200504-28.xml", }, { trust: 0.1, url: "http://www.idefense.com/poi/teams/vcp.jsp", }, { trust: 0.1, url: "http://sunsolve.sun.com/securitypatch", }, { trust: 0.1, url: "http://sunsolve.sun.com", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt", }, { trust: 0.1, url: "http://docs.info.apple.com/article.html?artnum=61798", }, { trust: 0.1, url: "http://cve.mitre.org),", }, { trust: 0.1, url: "http://labs.idefense.com", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200503-36.xml", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200504-04.xml", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt", }, ], sources: [ { db: "CERT/CC", id: "VU#341908", }, { db: "CERT/CC", id: "VU#291924", }, { db: "BID", id: "12918", }, { db: "JVNDB", id: "JVNDB-2005-000203", }, { db: "PACKETSTORM", id: "37506", }, { db: "PACKETSTORM", id: "38922", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36840", }, { db: "PACKETSTORM", id: "36914", }, { db: "PACKETSTORM", id: "37029", }, { db: "CNNVD", id: "CNNVD-200505-613", }, { db: "NVD", id: "CVE-2005-0469", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#341908", }, { db: "CERT/CC", id: "VU#291924", }, { db: "BID", id: "12918", }, { db: "JVNDB", id: "JVNDB-2005-000203", }, { db: "PACKETSTORM", id: "37506", }, { db: "PACKETSTORM", id: "38922", }, { db: "PACKETSTORM", id: "38276", }, { db: "PACKETSTORM", id: "36840", }, { db: "PACKETSTORM", id: "36914", }, { db: "PACKETSTORM", id: "37029", }, { db: "CNNVD", id: "CNNVD-200505-613", }, { db: "NVD", id: "CVE-2005-0469", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2005-04-01T00:00:00", db: "CERT/CC", id: "VU#341908", }, { date: "2005-03-29T00:00:00", db: "CERT/CC", id: "VU#291924", }, { date: "2005-03-28T00:00:00", db: "BID", id: "12918", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000203", }, { date: "2005-05-29T20:22:44", db: "PACKETSTORM", id: "37506", }, { date: "2005-07-28T06:36:03", db: "PACKETSTORM", id: "38922", }, { date: "2005-06-24T07:12:08", db: "PACKETSTORM", id: "38276", }, { date: "2005-03-29T05:18:19", db: "PACKETSTORM", id: "36840", }, { date: "2005-04-14T06:14:55", db: "PACKETSTORM", id: "36914", }, { date: "2005-04-17T18:36:49", db: "PACKETSTORM", id: "37029", }, { date: "2005-03-29T00:00:00", db: "CNNVD", id: "CNNVD-200505-613", }, { date: "2005-05-02T04:00:00", db: "NVD", id: "CVE-2005-0469", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2005-07-28T00:00:00", db: "CERT/CC", id: "VU#341908", }, { date: "2005-12-22T00:00:00", db: "CERT/CC", id: "VU#291924", }, { date: "2007-02-22T18:56:00", db: "BID", id: "12918", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000203", }, { date: "2006-09-22T00:00:00", db: "CNNVD", id: "CNNVD-200505-613", }, { date: "2017-10-11T01:29:56.293000", db: "NVD", id: "CVE-2005-0469", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "36840", }, { db: "CNNVD", id: "CNNVD-200505-613", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple Telnet Clients vulnerable to buffer overflow via the env_opt_add() function in telnet.c", sources: [ { db: "CERT/CC", id: "VU#341908", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-200505-613", }, ], trust: 0.6, }, }
var-201407-0462
Vulnerability from variot
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability due to a NULL pointer dereference error. An attacker may exploit this issue to crash the affected service, resulting in denial-of-service conditions. Kerberos 5 versions 1.7.0 through 1.12.11 are vulnerable.
CVE-2014-4343
An unauthenticated remote attacker with the ability to spoof packets
appearing to be from a GSSAPI acceptor can cause a double-free
condition in GSSAPI initiators (clients) which are using the SPNEGO
mechanism, by returning a different underlying mechanism than was
proposed by the initiator.
For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2.
For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. ========================================================================== Ubuntu Security Notice USN-2310-1 August 11, 2014
krb5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Kerberos. This issue only affected Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2014-4344)
Tomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon incorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: krb5-admin-server 1.12+dfsg-2ubuntu4.2 krb5-kdc 1.12+dfsg-2ubuntu4.2 krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2 krb5-otp 1.12+dfsg-2ubuntu4.2 krb5-pkinit 1.12+dfsg-2ubuntu4.2 krb5-user 1.12+dfsg-2ubuntu4.2 libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2 libgssrpc4 1.12+dfsg-2ubuntu4.2 libk5crypto3 1.12+dfsg-2ubuntu4.2 libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2 libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2 libkdb5-7 1.12+dfsg-2ubuntu4.2 libkrad0 1.12+dfsg-2ubuntu4.2 libkrb5-3 1.12+dfsg-2ubuntu4.2 libkrb5support0 1.12+dfsg-2ubuntu4.2
Ubuntu 12.04 LTS: krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5 krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5 krb5-user 1.10+dfsg~beta1-2ubuntu0.5 libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5 libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5 libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5 libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5 libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5 libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5
Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.13 krb5-kdc 1.8.1+dfsg-2ubuntu0.13 krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13 krb5-pkinit 1.8.1+dfsg-2ubuntu0.13 krb5-user 1.8.1+dfsg-2ubuntu0.13 libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13 libgssrpc4 1.8.1+dfsg-2ubuntu0.13 libk5crypto3 1.8.1+dfsg-2ubuntu0.13 libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13 libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13 libkdb5-4 1.8.1+dfsg-2ubuntu0.13 libkrb5-3 1.8.1+dfsg-2ubuntu0.13 libkrb5support0 1.8.1+dfsg-2ubuntu0.13
In general, a standard system update will make all the necessary changes.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345 http://advisories.mageia.org/MGASA-2014-0345.html
Updated Packages:
Mandriva Business Server 1/X86_64: 3d717913ec53cd745cbaa0ea46321815 mbs1/x86_64/krb5-1.9.2-3.5.mbs1.x86_64.rpm e11b2338f4265d9241013211644543d9 mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.5.mbs1.x86_64.rpm 3dd7ce5af9b798a3be7fb22f3598e3a7 mbs1/x86_64/krb5-server-1.9.2-3.5.mbs1.x86_64.rpm a86c6a16fa6091672020b97d5873fc7f mbs1/x86_64/krb5-server-ldap-1.9.2-3.5.mbs1.x86_64.rpm c56d0f9b2f4f5b7145db65efd8d3627f mbs1/x86_64/krb5-workstation-1.9.2-3.5.mbs1.x86_64.rpm 67a0a6fc9192328cedd811db760089b4 mbs1/x86_64/lib64krb53-1.9.2-3.5.mbs1.x86_64.rpm ff121251269cab55a574bc5a06c739b0 mbs1/x86_64/lib64krb53-devel-1.9.2-3.5.mbs1.x86_64.rpm 0308ef62a73141b5f0915251796608c7 mbs1/SRPMS/krb5-1.9.2-3.5.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: krb5 security, bug fix and enhancement update Advisory ID: RHSA-2015:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html Issue date: 2015-03-05 CVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 =====================================================================
- Summary:
Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)
A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345)
A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352)
If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421)
It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)
An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423)
Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342)
A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)
Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352.
The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including:
-
Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts.
-
When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995)
This update also fixes multiple bugs, for example:
- The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102)
In addition, this update adds various enhancements. Among others:
-
Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)
-
Solution:
All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
ppc64: krb5-debuginfo-1.12.2-14.el7.ppc.rpm krb5-debuginfo-1.12.2-14.el7.ppc64.rpm krb5-devel-1.12.2-14.el7.ppc.rpm krb5-devel-1.12.2-14.el7.ppc64.rpm krb5-libs-1.12.2-14.el7.ppc.rpm krb5-libs-1.12.2-14.el7.ppc64.rpm krb5-pkinit-1.12.2-14.el7.ppc64.rpm krb5-server-1.12.2-14.el7.ppc64.rpm krb5-server-ldap-1.12.2-14.el7.ppc64.rpm krb5-workstation-1.12.2-14.el7.ppc64.rpm
s390x: krb5-debuginfo-1.12.2-14.el7.s390.rpm krb5-debuginfo-1.12.2-14.el7.s390x.rpm krb5-devel-1.12.2-14.el7.s390.rpm krb5-devel-1.12.2-14.el7.s390x.rpm krb5-libs-1.12.2-14.el7.s390.rpm krb5-libs-1.12.2-14.el7.s390x.rpm krb5-pkinit-1.12.2-14.el7.s390x.rpm krb5-server-1.12.2-14.el7.s390x.rpm krb5-server-ldap-1.12.2-14.el7.s390x.rpm krb5-workstation-1.12.2-14.el7.s390x.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-4341 https://access.redhat.com/security/cve/CVE-2014-4342 https://access.redhat.com/security/cve/CVE-2014-4343 https://access.redhat.com/security/cve/CVE-2014-4344 https://access.redhat.com/security/cve/CVE-2014-4345 https://access.redhat.com/security/cve/CVE-2014-5352 https://access.redhat.com/security/cve/CVE-2014-5353 https://access.redhat.com/security/cve/CVE-2014-9421 https://access.redhat.com/security/cve/CVE-2014-9422 https://access.redhat.com/security/cve/CVE-2014-9423 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi gZD8EL2lSaLXnIQxca8zLTg= =aK0y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)
These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0462", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "enterprise linux hpc node", scope: "eq", trust: 1.6, vendor: "redhat", version: "7.0", }, { model: "enterprise linux server", scope: "eq", trust: 1.6, vendor: "redhat", version: "7.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1.6, vendor: "redhat", version: "7.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 1.6, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12.1", }, { model: "kerberos", scope: "eq", trust: 1, vendor: "mit", version: "5-1.10.6", }, { model: "kerberos", scope: "eq", trust: 1, vendor: "mit", version: "5-1.10.7", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.3", }, { model: "kerberos", scope: "eq", trust: 1, vendor: "mit", version: "5-1.10.5", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.2", }, { model: "kerberos", scope: "eq", trust: 1, vendor: "mit", version: "5-1.8", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.7", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.6", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.7.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.5", }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "1.12.x", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.7.x and later", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.12.2", }, { model: "big-ip apm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "3.0", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.0", }, { model: "big-ip wom hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.4", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip asm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip gtm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip psm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.3", }, { model: "big-ip gtm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip link controller hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.4", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1x8664", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.1", }, { model: "big-ip link controller hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-iq device", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.4", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.9.5", }, { model: "big-iq device", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip wom hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip asm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip asm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.2", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0.00", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip asm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip link controller hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "big-ip asm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip gtm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.3", }, { model: "big-ip apm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip gtm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "big-ip psm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip link controller hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12", }, { model: "big-ip psm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "power hmc", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.8.1.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.2", }, { model: "big-ip wom hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.3", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "cms r17", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "power hmc", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.8.2.0", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "7", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip link controller hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.2", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "big-ip edge gateway hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip asm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip gtm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.1", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12.1", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.0", }, { model: "big-ip wom hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.1", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip link controller hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "kerberos", scope: "ne", trust: 0.3, vendor: "mit", version: "51.12.2", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip gtm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0.00", }, { model: "big-ip link controller hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip gtm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.40", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.4", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "big-ip link controller hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.7.1", }, { model: "big-ip psm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.1", }, { model: "big-ip psm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "big-ip asm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.1", }, { model: "big-ip pem hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.6", }, { model: "big-ip link controller hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.7.2", }, { model: "big-ip edge gateway hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.3", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip wom hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip asm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.7", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip afm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "linux 10.04.lts", scope: null, trust: 0.3, vendor: "ubuntu", version: null, }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip psm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.2", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, ], sources: [ { db: "BID", id: "68908", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "NVD", id: "CVE-2014-4342", }, { db: "CNNVD", id: "CNNVD-201407-513", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-4342", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Reported by the vendor.", sources: [ { db: "BID", id: "68908", }, ], trust: 0.3, }, cve: "CVE-2014-4342", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2014-4342", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-4342", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201407-513", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2014-4342", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-4342", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "NVD", id: "CVE-2014-4342", }, { db: "CNNVD", id: "CNNVD-201407-513", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability due to a NULL pointer dereference error. \nAn attacker may exploit this issue to crash the affected service, resulting in denial-of-service conditions. \nKerberos 5 versions 1.7.0 through 1.12.11 are vulnerable. \n\nCVE-2014-4343\n\n An unauthenticated remote attacker with the ability to spoof packets\n appearing to be from a GSSAPI acceptor can cause a double-free\n condition in GSSAPI initiators (clients) which are using the SPNEGO\n mechanism, by returning a different underlying mechanism than was\n proposed by the initiator. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.10.1+dfsg-5+deb7u2. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+dfsg-7. ==========================================================================\nUbuntu Security Notice USN-2310-1\nAugust 11, 2014\n\nkrb5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Kerberos. This issue only affected Ubuntu\n12.04 LTS. This\nissue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected\nUbuntu 10.04 LTS and Ubuntu 12.04 LTS. \nThis issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. \n(CVE-2014-4344)\n\nTomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon\nincorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n krb5-admin-server 1.12+dfsg-2ubuntu4.2\n krb5-kdc 1.12+dfsg-2ubuntu4.2\n krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2\n krb5-otp 1.12+dfsg-2ubuntu4.2\n krb5-pkinit 1.12+dfsg-2ubuntu4.2\n krb5-user 1.12+dfsg-2ubuntu4.2\n libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2\n libgssrpc4 1.12+dfsg-2ubuntu4.2\n libk5crypto3 1.12+dfsg-2ubuntu4.2\n libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2\n libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2\n libkdb5-7 1.12+dfsg-2ubuntu4.2\n libkrad0 1.12+dfsg-2ubuntu4.2\n libkrb5-3 1.12+dfsg-2ubuntu4.2\n libkrb5support0 1.12+dfsg-2ubuntu4.2\n\nUbuntu 12.04 LTS:\n krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5\n krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5\n krb5-user 1.10+dfsg~beta1-2ubuntu0.5\n libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5\n libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5\n libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5\n\nUbuntu 10.04 LTS:\n krb5-admin-server 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13\n krb5-pkinit 1.8.1+dfsg-2ubuntu0.13\n krb5-user 1.8.1+dfsg-2ubuntu0.13\n libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13\n libgssrpc4 1.8.1+dfsg-2ubuntu0.13\n libk5crypto3 1.8.1+dfsg-2ubuntu0.13\n libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13\n libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13\n libkdb5-4 1.8.1+dfsg-2ubuntu0.13\n libkrb5-3 1.8.1+dfsg-2ubuntu0.13\n libkrb5support0 1.8.1+dfsg-2ubuntu0.13\n\nIn general, a standard system update will make all the necessary changes. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345\n http://advisories.mageia.org/MGASA-2014-0345.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 3d717913ec53cd745cbaa0ea46321815 mbs1/x86_64/krb5-1.9.2-3.5.mbs1.x86_64.rpm\n e11b2338f4265d9241013211644543d9 mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.5.mbs1.x86_64.rpm\n 3dd7ce5af9b798a3be7fb22f3598e3a7 mbs1/x86_64/krb5-server-1.9.2-3.5.mbs1.x86_64.rpm\n a86c6a16fa6091672020b97d5873fc7f mbs1/x86_64/krb5-server-ldap-1.9.2-3.5.mbs1.x86_64.rpm\n c56d0f9b2f4f5b7145db65efd8d3627f mbs1/x86_64/krb5-workstation-1.9.2-3.5.mbs1.x86_64.rpm\n 67a0a6fc9192328cedd811db760089b4 mbs1/x86_64/lib64krb53-1.9.2-3.5.mbs1.x86_64.rpm\n ff121251269cab55a574bc5a06c739b0 mbs1/x86_64/lib64krb53-devel-1.9.2-3.5.mbs1.x86_64.rpm \n 0308ef62a73141b5f0915251796608c7 mbs1/SRPMS/krb5-1.9.2-3.5.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: krb5 security, bug fix and enhancement update\nAdvisory ID: RHSA-2015:0439-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html\nIssue date: 2015-03-05\nCVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 \n CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 \n CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 \n CVE-2014-9423 \n=====================================================================\n\n1. Summary:\n\nUpdated krb5 packages that fix multiple security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\nKerberos is a networked authentication system which allows clients and\nservers to authenticate to each other with the help of a trusted third\nparty, the Kerberos KDC. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. A remote, unauthenticated attacker could\nuse this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)\n\nA buffer overflow was found in the KADM5 administration server (kadmind)\nwhen it was used with an LDAP back end for the KDC database. A remote,\nauthenticated attacker could potentially use this flaw to execute arbitrary\ncode on the system running kadmind. (CVE-2014-4345)\n\nA use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5\nlibrary processed valid context deletion tokens. An attacker able to make\nan application using the GSS-API library (libgssapi) call the\ngss_process_context_token() function could use this flaw to crash that\napplication. (CVE-2014-5352)\n\nIf kadmind were used with an LDAP back end for the KDC database, a remote,\nauthenticated attacker with the permissions to set the password policy\ncould crash kadmind by attempting to use a named ticket policy object as a\npassword policy for a principal. (CVE-2014-5353)\n\nA double-free flaw was found in the way MIT Kerberos handled invalid\nExternal Data Representation (XDR) data. An authenticated user could use\nthis flaw to crash the MIT Kerberos administration server (kadmind), or\nother applications using Kerberos libraries, using specially crafted XDR\npackets. (CVE-2014-9421)\n\nIt was found that the MIT Kerberos administration server (kadmind)\nincorrectly accepted certain authentication requests for two-component\nserver principal names. A remote attacker able to acquire a key with a\nparticularly named principal (such as \"kad/x\") could use this flaw to\nimpersonate any user to kadmind, and perform administrative actions as that\nuser. (CVE-2014-9422)\n\nAn information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS\nimplementation (libgssrpc) handled certain requests. An attacker could send\na specially crafted request to an application using libgssrpc to disclose a\nlimited portion of uninitialized memory used by that application. \n(CVE-2014-9423)\n\nTwo buffer over-read flaws were found in the way MIT Kerberos handled\ncertain requests. A remote, unauthenticated attacker able to inject packets\ninto a client or server application's GSSAPI session could use either of\nthese flaws to crash the application. (CVE-2014-4341, CVE-2014-4342)\n\nA double-free flaw was found in the MIT Kerberos SPNEGO initiators. An\nattacker able to spoof packets to appear as though they are from an GSSAPI\nacceptor could use this flaw to crash a client application that uses MIT\nKerberos. (CVE-2014-4343)\n\nRed Hat would like to thank the MIT Kerberos project for reporting the\nCVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT\nKerberos project acknowledges Nico Williams for helping with the analysis\nof CVE-2014-5352. \n\nThe krb5 packages have been upgraded to upstream version 1.12, which\nprovides a number of bug fixes and enhancements, including:\n\n* Added plug-in interfaces for principal-to-username mapping and verifying\nauthorization to user accounts. \n\n* When communicating with a KDC over a connected TCP or HTTPS socket, the\nclient gives the KDC more time to reply before it transmits the request to\nanother server. (BZ#1049709, BZ#1127995)\n\nThis update also fixes multiple bugs, for example:\n\n* The Kerberos client library did not recognize certain exit statuses that\nthe resolver libraries could return when looking up the addresses of\nservers configured in the /etc/krb5.conf file or locating Kerberos servers\nusing DNS service location. The library could treat non-fatal return codes\nas fatal errors. Now, the library interprets the specific return codes\ncorrectly. (BZ#1084068, BZ#1109102)\n\nIn addition, this update adds various enhancements. Among others:\n\n* Added support for contacting KDCs and kpasswd servers through HTTPS\nproxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)\n\n4. Solution:\n\nAll krb5 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1084068 - ipv6 address handling in krb5.conf\n1102837 - Please backport improved GSSAPI mech configuration\n1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly\n1109919 - Backport https support into libkrb5\n1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext\n1118347 - ksu non-functional, gets invalid argument copying cred cache\n1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens\n1121789 - CVE-2014-4343: use-after-free crash in SPNEGO\n1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators\n1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens\n1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure\n1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)\n1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update\n1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name\n1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)\n1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)\n1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)\n1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)\n1184629 - kinit loops on principals on unknown error\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nppc64:\nkrb5-debuginfo-1.12.2-14.el7.ppc.rpm\nkrb5-debuginfo-1.12.2-14.el7.ppc64.rpm\nkrb5-devel-1.12.2-14.el7.ppc.rpm\nkrb5-devel-1.12.2-14.el7.ppc64.rpm\nkrb5-libs-1.12.2-14.el7.ppc.rpm\nkrb5-libs-1.12.2-14.el7.ppc64.rpm\nkrb5-pkinit-1.12.2-14.el7.ppc64.rpm\nkrb5-server-1.12.2-14.el7.ppc64.rpm\nkrb5-server-ldap-1.12.2-14.el7.ppc64.rpm\nkrb5-workstation-1.12.2-14.el7.ppc64.rpm\n\ns390x:\nkrb5-debuginfo-1.12.2-14.el7.s390.rpm\nkrb5-debuginfo-1.12.2-14.el7.s390x.rpm\nkrb5-devel-1.12.2-14.el7.s390.rpm\nkrb5-devel-1.12.2-14.el7.s390x.rpm\nkrb5-libs-1.12.2-14.el7.s390.rpm\nkrb5-libs-1.12.2-14.el7.s390x.rpm\nkrb5-pkinit-1.12.2-14.el7.s390x.rpm\nkrb5-server-1.12.2-14.el7.s390x.rpm\nkrb5-server-ldap-1.12.2-14.el7.s390x.rpm\nkrb5-workstation-1.12.2-14.el7.s390x.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-4341\nhttps://access.redhat.com/security/cve/CVE-2014-4342\nhttps://access.redhat.com/security/cve/CVE-2014-4343\nhttps://access.redhat.com/security/cve/CVE-2014-4344\nhttps://access.redhat.com/security/cve/CVE-2014-4345\nhttps://access.redhat.com/security/cve/CVE-2014-5352\nhttps://access.redhat.com/security/cve/CVE-2014-5353\nhttps://access.redhat.com/security/cve/CVE-2014-9421\nhttps://access.redhat.com/security/cve/CVE-2014-9422\nhttps://access.redhat.com/security/cve/CVE-2014-9423\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi\ngZD8EL2lSaLXnIQxca8zLTg=\n=aK0y\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. \n\nIt was found that if a KDC served multiple realms, certain requests could\ncause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)\n\nThese updated krb5 packages also include several bug fixes. Space precludes\ndocumenting all of these changes in this advisory. Users are directed to\nthe Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the\nReferences section, for information on the most significant of these\nchanges", sources: [ { db: "NVD", id: "CVE-2014-4342", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "BID", id: "68908", }, { db: "VULMON", id: "CVE-2014-4342", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-4342", trust: 3.3, }, { db: "BID", id: "68908", trust: 1.4, }, { db: "SECUNIA", id: "60082", trust: 1.1, }, { db: "SECUNIA", id: "59102", trust: 1.1, }, { db: "SECTRACK", id: "1030706", trust: 1.1, }, { db: "JVNDB", id: "JVNDB-2014-003509", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201407-513", trust: 0.6, }, { db: "VULMON", id: "CVE-2014-4342", trust: 0.1, }, { db: "PACKETSTORM", id: "127813", trust: 0.1, }, { db: "PACKETSTORM", id: "127825", trust: 0.1, }, { db: "PACKETSTORM", id: "128077", trust: 0.1, }, { db: "PACKETSTORM", id: "130669", trust: 0.1, }, { db: "PACKETSTORM", id: "128660", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-4342", }, { db: "BID", id: "68908", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4342", }, { db: "CNNVD", id: "CNNVD-201407-513", }, ], }, id: "VAR-201407-0462", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.44401007833333334, }, last_update_date: "2023-12-18T11:10:38.739000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "krb5/krb5", trust: 0.8, url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { title: "RHSA-2015:0439", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { title: "Ticket #7949 Handle invalid RFC 1964 tokens [CVE-2014-4341 CVE-2014-4342]", trust: 0.8, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7949", }, { title: "Multiple Buffer Errors vulnerabilities in Kerberos", trust: 0.8, url: "https://blogs.oracle.com/sunsecurity/entry/multiple_buffer_errors_vulnerabilities_in4", }, { title: "Red Hat: CVE-2014-4342", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2014-4342", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4344 in krb5: NULL dereference in GSSAPI servers", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=35d4f3ce5652ab755f81ed48de881600", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4343 in krb5: double-free in SPNEGO initiators", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9c2c9693f1995e06458de00ef1a741ea", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4345 in krb5-kdc-ldap: buffer overrun in kadmind", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5b462e2e6415f47bd0fd28d7421f6993", }, { title: "Debian Security Advisories: DSA-3000-1 krb5 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=4185a1f803abcb8297ba9b981d24413f", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4341 in krb5: insufficient validation processing rfc 1964 tokens", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=4d39c93e60e14a46f4d47ceeb92df9f3", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4342 in krb5: insufficient validation processing rfc 1964 tokens", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=289247c77758756a143eb9a839abfd1d", }, { title: "Ubuntu Security Notice: krb5 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-2310-1", }, { title: "Amazon Linux AMI: ALAS-2014-443", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=alas-2014-443", }, { title: "Oracle: Oracle Critical Patch Update Advisory - October 2017", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=523d3f220a64ff01dd95e064bd37566a", }, ], sources: [ { db: "VULMON", id: "CVE-2014-4342", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "NVD", id: "CVE-2014-4342", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7949", }, { trust: 2, url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { trust: 1.2, url: "http://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { trust: 1.2, url: "http://advisories.mageia.org/mgasa-2014-0345.html", }, { trust: 1.1, url: "http://www.debian.org/security/2014/dsa-3000", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1030706", }, { trust: 1.1, url: "http://www.securityfocus.com/bid/68908", }, { trust: 1.1, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2014:165", }, { trust: 1.1, url: "http://secunia.com/advisories/60082", }, { trust: 1.1, url: "http://secunia.com/advisories/59102", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { trust: 1.1, url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4342", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4342", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4345", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4341", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4344", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4342", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4343", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15547.html?%20ref=rss", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/101004185", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020664", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2014-4342", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1418", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2013-6800", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=36462", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://usn.ubuntu.com/2310-1/", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.13", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu4.2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1416", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2012-1016", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1415", }, { trust: 0.1, url: "http://www.ubuntu.com/usn/usn-2310-1", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4344", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4345", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/advisories/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4341", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4343", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9423", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4341", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4345", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9423", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9422", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4344", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2013-6800.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4345.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4344.html", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1389.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4343.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2013-1418.html", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.6_technical_notes/krb5.html#rhsa-2014-1389", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/#package", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4342.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4341.html", }, ], sources: [ { db: "VULMON", id: "CVE-2014-4342", }, { db: "BID", id: "68908", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4342", }, { db: "CNNVD", id: "CNNVD-201407-513", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-4342", }, { db: "BID", id: "68908", }, { db: "JVNDB", id: "JVNDB-2014-003509", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4342", }, { db: "CNNVD", id: "CNNVD-201407-513", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-07-20T00:00:00", db: "VULMON", id: "CVE-2014-4342", }, { date: "2014-07-25T00:00:00", db: "BID", id: "68908", }, { date: "2014-07-23T00:00:00", db: "JVNDB", id: "JVNDB-2014-003509", }, { date: "2014-08-11T13:33:00", db: "PACKETSTORM", id: "127813", }, { date: "2014-08-11T18:24:00", db: "PACKETSTORM", id: "127825", }, { date: "2014-09-02T20:17:38", db: "PACKETSTORM", id: "128077", }, { date: "2015-03-05T21:51:51", db: "PACKETSTORM", id: "130669", }, { date: "2014-10-14T23:04:48", db: "PACKETSTORM", id: "128660", }, { date: "2014-07-20T11:12:50.870000", db: "NVD", id: "CVE-2014-4342", }, { date: "2014-07-23T00:00:00", db: "CNNVD", id: "CNNVD-201407-513", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-21T00:00:00", db: "VULMON", id: "CVE-2014-4342", }, { date: "2015-05-07T17:31:00", db: "BID", id: "68908", }, { date: "2015-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2014-003509", }, { date: "2020-01-21T15:46:47.197000", db: "NVD", id: "CVE-2014-4342", }, { date: "2014-07-23T00:00:00", db: "CNNVD", id: "CNNVD-201407-513", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201407-513", }, ], trust: 1, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 Service disruption in (DoS) Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2014-003509", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-201407-513", }, ], trust: 0.6, }, }
var-200506-0133
Vulnerability from variot
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. Included with many products Telnet Clients NEW-ENVIRON By command Telnet There is a problem that the environment variable information is illegally taken because the restriction of the environment variable sent to the server is inappropriate.By a third party IFRAME Tag and "TELNET://" Formal URI Etc., Web Malicious via page or email Telnet By enticing a target user to connect to a server, they may be able to obtain important information about the target system, such as the user's name, search path for executables, and locations of important data. still, Microsoft Windows 2000 Is not affected by this issue, Microsoft Windows Services for UNIX If you are using, you may be affected by this issue. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. Attackers can retrieve any information stored in the environment of clients using the affected telnet application.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Microsoft Telnet Client Information Disclosure Weakness
SECUNIA ADVISORY ID: SA15690
VERIFY ADVISORY: http://secunia.com/advisories/15690/
CRITICAL: Not critical
IMPACT: Exposure of system information
WHERE:
From remote
OPERATING SYSTEM: Microsoft Windows XP Professional http://secunia.com/product/22/ Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/
SOFTWARE: Microsoft Windows Services for UNIX 2.x http://secunia.com/product/5243/ Microsoft Windows Services for UNIX 3.x http://secunia.com/product/5244/
DESCRIPTION: Ga\xebl Delalleau has reported a weakness has been reported in Microsoft Windows, which can be exploited by malicious people to gain knowledge of various information.
Successful exploitation requires that a user e.g. visits a malicious web site or is tricked into clicking a specially crafted link.
SOLUTION: Apply patches.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200506-0133", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "sunos", scope: "eq", trust: 1.3, vendor: "sun", version: "5.9", }, { model: "telnet client", scope: "eq", trust: 1, vendor: "microsoft", version: "5.1.2600.2180", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.3.4", }, { model: null, scope: null, trust: 0.8, vendor: "microsoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sun microsystems", version: null, }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.3.9", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.4.7", }, { model: "mac os x server", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.3.9", }, { model: "mac os x server", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.4.7", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.0", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.1", }, { model: "seam", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "1.0 (for solaris 7)", }, { model: "seam", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "1.0.1 (for solaris 8)", }, { model: "seam", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "1.0.2 (for solaris 9)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (x86)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (ws)", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.8, vendor: "red hat", version: "3.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.8, vendor: "red hat", version: "4.0", }, { model: "linux advanced workstation", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.3.4", }, { model: "solaris", scope: "eq", trust: 0.6, vendor: "sun", version: "5.9", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "8.2", }, { model: "windows xp home sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "sunos x86", scope: "eq", trust: 0.3, vendor: "sun", version: "5.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "s8500 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "windows server standard edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003x64", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "s8700 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "multi network firewall", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "2.0", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.2", }, { model: "windows xp professional", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.2", }, { model: "windows server enterprise edition sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "solaris 2.7 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.6", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.1", }, { model: "windows server enterprise edition itanium", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20030", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "windows xp tablet pc edition sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "1.0", }, { model: "linux mandrake amd64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.0", }, { model: "windows xp professional edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "x64", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.2", }, { model: "windows xp tablet pc edition", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.3", }, { model: "open-enterprise-server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "windows server enterprise edition sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "2.1", }, { model: "mn100", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.2", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "advanced workstation for the itanium processor", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows xp 64-bit edition", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "s8500 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.03", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.0", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "windows server enterprise edition itanium sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "6.3", }, { model: "enterprise linux ws ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows server standard edition sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "windows server standard edition sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "windows xp media center edition", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "windows xp media center edition sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "s8710 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "3.0", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "sunos x86", scope: "eq", trust: 0.3, vendor: "sun", version: "5.9", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.3", }, { model: "windows server datacenter edition itanium", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20030", }, { model: "solaris 8 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "linux imap server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "1.0", }, { model: "windows server datacenter edition sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.7", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "sunos", scope: "eq", trust: 0.3, vendor: "sun", version: "5.8", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.0", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "windows xp tablet pc edition sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "windows server enterprise edition itanium sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.1", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "8", }, { model: "linux openexchange server", scope: null, trust: 0.3, vendor: "suse", version: null, }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "7", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1x86", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.4", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "6.1", }, { model: "intuity lx", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "linux enterprise server for s/390", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.8", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "3.0", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "linux professional", scope: "eq", trust: 0.3, vendor: "s u s e", version: "8.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.7", }, { model: "linux desktop", scope: "eq", trust: 0.3, vendor: "suse", version: "1.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "windows server datacenter edition itanium sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "advanced workstation for the itanium processor ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "2.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "solaris 8 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.7", }, { model: "windows server datacenter edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "sunos", scope: "eq", trust: 0.3, vendor: "sun", version: "5.7", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "s8300 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "propack sp5", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.0", }, { model: "linux database server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "0", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2.2", }, { model: "windows xp professional sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.4", }, { model: "windows server standard edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.4.1", }, { model: "windows server enterprise edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003x64", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "3.0", }, { model: "linux professional", scope: "eq", trust: 0.3, vendor: "s u s e", version: "7.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "enterprise linux as ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "s8300 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "windows xp home", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.3", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "windows xp media center edition sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "linux office server", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "s8710 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "propack sp6", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "suse linux school server for i386", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "7.0", }, { model: "solaris 7.0 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "solaris 9 x86 update", scope: "eq", trust: 0.3, vendor: "sun", version: "2", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "3.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "s8700 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "3.5", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "windows xp professional sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "windows xp home sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "suse email server iii", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "2.1", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2.0", }, { model: "windows xp 64-bit edition sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "solaris 9 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.1", }, { model: "windows xp 64-bit edition version sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "3.0", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "sunos x86", scope: "eq", trust: 0.3, vendor: "sun", version: "5.7", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "windows server datacenter edition sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "suse email server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "3.1", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "linux enterprise server for s/390", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "converged communications server", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.3", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "9", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.0", }, { model: "windows server enterprise edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "linux connectivity server", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "enterprise linux es ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows xp 64-bit edition version", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "windows server datacenter edition itanium sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.0", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows server datacenter edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003x64", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "6.3", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.10", }, ], sources: [ { db: "CERT/CC", id: "VU#800829", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000380", }, { db: "CNNVD", id: "CNNVD-200506-129", }, { db: "NVD", id: "CVE-2005-0488", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:microsoft:telnet_client:5.1.2600.2180:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2005-0488", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Gaël Delalleau gael.delalleau+ moz@m4x.org", sources: [ { db: "CNNVD", id: "CNNVD-200506-129", }, ], trust: 0.6, }, cve: "CVE-2005-0488", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2005-0488", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2005-0488", trust: 1.8, value: "MEDIUM", }, { author: "CARNEGIE MELLON", id: "VU#800829", trust: 0.8, value: "0.17", }, { author: "CNNVD", id: "CNNVD-200506-129", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#800829", }, { db: "JVNDB", id: "JVNDB-2005-000380", }, { db: "CNNVD", id: "CNNVD-200506-129", }, { db: "NVD", id: "CVE-2005-0488", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. Included with many products Telnet Clients NEW-ENVIRON By command Telnet There is a problem that the environment variable information is illegally taken because the restriction of the environment variable sent to the server is inappropriate.By a third party IFRAME Tag and \"TELNET://\" Formal URI Etc., Web Malicious via page or email Telnet By enticing a target user to connect to a server, they may be able to obtain important information about the target system, such as the user's name, search path for executables, and locations of important data. still, Microsoft Windows 2000 Is not affected by this issue, Microsoft Windows Services for UNIX If you are using, you may be affected by this issue. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. \nAttackers can retrieve any information stored in the environment of clients using the affected telnet application. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nMicrosoft Telnet Client Information Disclosure Weakness\n\nSECUNIA ADVISORY ID:\nSA15690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15690/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nExposure of system information\n\nWHERE:\n>From remote\n\nOPERATING SYSTEM:\nMicrosoft Windows XP Professional\nhttp://secunia.com/product/22/\nMicrosoft Windows XP Home Edition\nhttp://secunia.com/product/16/\nMicrosoft Windows Server 2003 Web Edition\nhttp://secunia.com/product/1176/\nMicrosoft Windows Server 2003 Datacenter Edition\nhttp://secunia.com/product/1175/\nMicrosoft Windows Server 2003 Standard Edition\nhttp://secunia.com/product/1173/\nMicrosoft Windows Server 2003 Enterprise Edition\nhttp://secunia.com/product/1174/\n\nSOFTWARE:\nMicrosoft Windows Services for UNIX 2.x\nhttp://secunia.com/product/5243/\nMicrosoft Windows Services for UNIX 3.x\nhttp://secunia.com/product/5244/\n\nDESCRIPTION:\nGa\\xebl Delalleau has reported a weakness has been reported in Microsoft\nWindows, which can be exploited by malicious people to gain knowledge\nof various information. \n\nSuccessful exploitation requires that a user e.g. visits a malicious\nweb site or is tricked into clicking a specially crafted link. \n\nSOLUTION:\nApply patches. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", sources: [ { db: "NVD", id: "CVE-2005-0488", }, { db: "CERT/CC", id: "VU#800829", }, { db: "JVNDB", id: "JVNDB-2005-000380", }, { db: "BID", id: "13940", }, { db: "PACKETSTORM", id: "37995", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2005-0488", trust: 3.5, }, { db: "CERT/CC", id: "VU#800829", trust: 3.2, }, { db: "BID", id: "13940", trust: 2.7, }, { db: "USCERT", id: "TA06-214A", trust: 2.4, }, { db: "SECTRACK", id: "1014203", trust: 1.6, }, { db: "SECUNIA", id: "17135", trust: 1.6, }, { db: "SECUNIA", id: "21253", trust: 1.6, }, { db: "VUPEN", id: "ADV-2006-3101", trust: 1.6, }, { db: "BID", id: "19289", trust: 1.6, }, { db: "SECUNIA", id: "15690", trust: 0.9, }, { db: "USCERT", id: "SA06-214A", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2005-000380", trust: 0.8, }, { db: "CERT/CC", id: "TA06-214A", trust: 0.6, }, { db: "SUNALERT", id: "101665", trust: 0.6, }, { db: "SUNALERT", id: "57761", trust: 0.6, }, { db: "SUNALERT", id: "101671", trust: 0.6, }, { db: "SUNALERT", id: "57755", trust: 0.6, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:1139", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2005:504", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2005:562", trust: 0.6, }, { db: "APPLE", id: "APPLE-SA-2006-08-01", trust: 0.6, }, { db: "SUSE", id: "SUSE-SR:2005:016", trust: 0.6, }, { db: "IDEFENSE", id: "20050614 MULTIPLE VENDOR TELNET CLIENT INFORMATION DISCLOSURE VULNERABILITY", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200506-129", trust: 0.6, }, { db: "PACKETSTORM", id: "37995", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#800829", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000380", }, { db: "PACKETSTORM", id: "37995", }, { db: "CNNVD", id: "CNNVD-200506-129", }, { db: "NVD", id: "CVE-2005-0488", }, ], }, id: "VAR-200506-0133", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4615448, }, last_update_date: "2024-07-23T21:22:45.018000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)", trust: 0.8, url: "http://www.apple.com/support/downloads/securityupdate2006004macosx1047clientppc.html", }, { title: "Security Update 2006-004 (10.3.9 Client)", trust: 0.8, url: "http://www.apple.com/support/downloads/securityupdate20060041039client.html", }, { title: "Security Update 2006-004 (10.3.9 Server)", trust: 0.8, url: "http://www.apple.com/support/downloads/securityupdate20060041039server.html", }, { title: "Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)", trust: 0.8, url: "http://www.apple.com/support/downloads/securityupdate2006004macosx1047clientintel.html", }, { title: "Security Update 2006-004", trust: 0.8, url: "http://docs.info.apple.com/jarticle.html?artnum=304063-en", }, { title: "Security Update 2006-004", trust: 0.8, url: "http://docs.info.apple.com/jarticle.html?artnum=304063", }, { title: "krb5 (V2.x)", trust: 0.8, url: "http://www.miraclelinux.com/update/linux/list.php?errata_id=168", }, { title: "telnet (V2.x)", trust: 0.8, url: "http://www.miraclelinux.com/support/update/list.php?errata_id=1087", }, { title: "RHSA-2005:504", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2005-504.html", }, { title: "RHSA-2005:562", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2005-562.html", }, { title: "101665", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1", }, { title: "101671", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1", }, { title: "101665", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-3", }, { title: "101671", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-3", }, { title: "Security Update 2006-004 (10.3.9 Client)", trust: 0.8, url: "http://www.apple.com/jp/ftp-info/reference/securityupdate20060041039client.html", }, { title: "Security Update 2006-004 (10.3.9 Server)", trust: 0.8, url: "http://www.apple.com/jp/ftp-info/reference/securityupdate20060041039server.html", }, { title: "Security Update 2006-004 Mac OS X 10.4.7 Client (Intel)", trust: 0.8, url: "http://www.apple.com/jp/ftp-info/reference/securityupdate2006004macosx1047clientintel.html", }, { title: "Security Update 2006-004 Mac OS X 10.4.7 Client (PPC)", trust: 0.8, url: "http://www.apple.com/jp/ftp-info/reference/securityupdate2006004macosx1047clientppc.html", }, { title: "RHSA-2005:562", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-562j.html", }, { title: "RHSA-2005:504", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-504j.html", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2005-000380", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2005-0488", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.securityfocus.com/bid/13940", }, { trust: 2.4, url: "http://www.us-cert.gov/cas/techalerts/ta06-214a.html", }, { trust: 2.4, url: "http://www.kb.cert.org/vuls/id/800829", }, { trust: 1.9, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1", }, { trust: 1.9, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1", }, { trust: 1.7, url: "http://idefense.com/application/poi/display?id=260&type=vulnerabilities", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2005-504.html", }, { trust: 1.6, url: "http://www.novell.com/linux/security/advisories/2005_16_sr.html", }, { trust: 1.6, url: "http://www.securityfocus.com/bid/19289", }, { trust: 1.6, url: "http://www.redhat.com/support/errata/rhsa-2005-562.html", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1", }, { trust: 1.6, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1", }, { trust: 1.6, url: "http://securitytracker.com/id?1014203", }, { trust: 1.6, url: "http://secunia.com/advisories/21253", }, { trust: 1.6, url: "http://secunia.com/advisories/17135", }, { trust: 1.6, url: "http://lists.apple.com/archives/security-announce/2006//aug/msg00000.html", }, { trust: 1, url: "http://www.vupen.com/english/advisories/2006/3101", }, { trust: 1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11373", }, { trust: 1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1139", }, { trust: 0.9, url: "http://secunia.com/advisories/15690/", }, { trust: 0.8, url: "http://www.idefense.com/application/poi/display?id=260", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0488", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-1205", }, { trust: 0.8, url: "http://www.apps.ietf.org/rfc/rfc1572.html", }, { trust: 0.8, url: "http://www.securityfocus.com/archive/1/402230", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0488", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta06-214a/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta06-214a/", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0488", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/alerts/sa06-214a.html", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2006/3101", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1139", }, { trust: 0.4, url: "http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2005-145_rhsa-2005-504.pdf", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2005-562.html", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2005-567.html", }, { trust: 0.3, url: "http://www.microsoft.com/windowsserversystem/sfu/", }, { trust: 0.3, url: "http://tech.f5.com/home/bigip/solutions/advisories/sol4616.html", }, { trust: 0.3, url: "/archive/1/402230", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=32c4e286-2c4d-491a-9e05-4ca0b055d5dc", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://secunia.com/product/1176/", }, { trust: 0.1, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.1, url: "http://secunia.com/product/22/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=c6161d9e-1672-479e-8baf-754a64dfab47", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=7c3dd615-b82d-4520-9c3a-376283b01d5b", }, { trust: 0.1, url: "http://secunia.com/product/1175/", }, { trust: 0.1, url: "http://secunia.com/secunia_vacancies/", }, { trust: 0.1, url: "http://secunia.com/product/16/", }, { trust: 0.1, url: "http://secunia.com/product/5243/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=22095e78-a559-40ea-8b65-9c727f4e752f", }, { trust: 0.1, url: "http://secunia.com/product/5244/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=b8ba775e-e9a7-47e9-81a9-a68a71b9faac", }, { trust: 0.1, url: "http://secunia.com/product/1173/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=dcc6840f-e626-4266-a63a-cddec0ec44d6", }, { trust: 0.1, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=b281550b-8fae-4ff3-9bb7-e4ba325779b9", }, { trust: 0.1, url: "http://secunia.com/product/1174/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=8eaad650-54db-44bc-ac9b-fc8a50f5a3b5", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=c23a4e16-e228-4a80-a4cb-9dcef462b97a", }, ], sources: [ { db: "CERT/CC", id: "VU#800829", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000380", }, { db: "PACKETSTORM", id: "37995", }, { db: "CNNVD", id: "CNNVD-200506-129", }, { db: "NVD", id: "CVE-2005-0488", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#800829", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000380", }, { db: "PACKETSTORM", id: "37995", }, { db: "CNNVD", id: "CNNVD-200506-129", }, { db: "NVD", id: "CVE-2005-0488", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2005-06-14T00:00:00", db: "CERT/CC", id: "VU#800829", }, { date: "2005-06-14T00:00:00", db: "BID", id: "13940", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000380", }, { date: "2005-06-16T05:01:37", db: "PACKETSTORM", id: "37995", }, { date: "2005-04-21T00:00:00", db: "CNNVD", id: "CNNVD-200506-129", }, { date: "2005-06-14T04:00:00", db: "NVD", id: "CVE-2005-0488", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2005-07-28T00:00:00", db: "CERT/CC", id: "VU#800829", }, { date: "2006-08-02T20:16:00", db: "BID", id: "13940", }, { date: "2007-07-24T00:00:00", db: "JVNDB", id: "JVNDB-2005-000380", }, { date: "2012-12-26T00:00:00", db: "CNNVD", id: "CNNVD-200506-129", }, { date: "2020-01-21T15:45:16.083000", db: "NVD", id: "CVE-2005-0488", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200506-129", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Telnet Client Information Disclosure Vulnerability", sources: [ { db: "CERT/CC", id: "VU#800829", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "access verification error", sources: [ { db: "CNNVD", id: "CNNVD-200506-129", }, ], trust: 0.6, }, }
var-200506-0234
Vulnerability from variot
The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Remote attackers who exploit this issue IFRAME Tag and "TELNET://" Formal URI Etc., Web Malicious via page or email Telnet By guiding the target user to connect to the server, important information on the target system, such as the user name, executable file search path, and the location of important data, may be taken. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. Attackers can retrieve any information stored in the environment of clients using the affected telnet application. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further attacks. This can be exploited to gain knowledge of the session variables for a user, who has an open connection to a malicious Telnet server.
Successful exploitation requires that a user e.g. visits a malicious web site or is tricked into clicking a specially crafted link.
SOLUTION: Apply patches.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200506-0234", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "windows 2003 server", scope: "eq", trust: 1.6, vendor: "microsoft", version: "r2", }, { model: "windows 2003 server", scope: "eq", trust: 1.6, vendor: "microsoft", version: "web", }, { model: "windows 2003 server", scope: "eq", trust: 1.6, vendor: "microsoft", version: "enterprise", }, { model: "windows 2003 server", scope: "eq", trust: 1.6, vendor: "microsoft", version: "standard", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.0", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "2.1", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "10 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (x86)", }, { model: "windows server 2003", scope: null, trust: 0.8, vendor: "microsoft", version: null, }, { model: "windows xp", scope: "eq", trust: 0.8, vendor: "microsoft", version: "sp3", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "2.1 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "3 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (ws)", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "8.2", }, { model: "windows xp home sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "sunos x86", scope: "eq", trust: 0.3, vendor: "sun", version: "5.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "sunos", scope: "eq", trust: 0.3, vendor: "sun", version: "5.9", }, { model: "s8500 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "windows server standard edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003x64", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "s8700 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "multi network firewall", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "2.0", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.2", }, { model: "windows xp professional", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.2", }, { model: "windows server enterprise edition sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "solaris 2.7 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.6", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.1", }, { model: "windows server enterprise edition itanium", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20030", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "windows xp tablet pc edition sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "1.0", }, { model: "linux mandrake amd64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.0", }, { model: "windows xp professional edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "x64", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.2", }, { model: "windows xp tablet pc edition", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.3", }, { model: "open-enterprise-server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "windows server enterprise edition sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "2.1", }, { model: "mn100", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0.2", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "advanced workstation for the itanium processor", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows xp 64-bit edition", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "s8500 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.03", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.0", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "windows server enterprise edition itanium sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "seam", scope: "eq", trust: 0.3, vendor: "sun", version: "1.0", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "6.3", }, { model: "enterprise linux ws ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows server standard edition sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "windows server standard edition sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "8.0", }, { model: "windows xp media center edition", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "windows xp media center edition sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "s8710 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.5.13", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "3.0", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "sunos x86", scope: "eq", trust: 0.3, vendor: "sun", version: "5.9", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.3", }, { model: "windows server datacenter edition itanium", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20030", }, { model: "solaris 8 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "linux imap server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "1.0", }, { model: "windows server datacenter edition sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "big-ip", scope: "ne", trust: 0.3, vendor: "f5", version: "4.7", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "sunos", scope: "eq", trust: 0.3, vendor: "sun", version: "5.8", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.0", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "windows xp tablet pc edition sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "windows server enterprise edition itanium sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "8.1", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "8", }, { model: "linux openexchange server", scope: null, trust: 0.3, vendor: "suse", version: null, }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "7", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1x86", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.4", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "6.1", }, { model: "intuity lx", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "linux enterprise server for s/390", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.8", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "3.0", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.1", }, { model: "linux professional", scope: "eq", trust: 0.3, vendor: "s u s e", version: "8.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "3-dns", scope: "ne", trust: 0.3, vendor: "f5", version: "4.7", }, { model: "linux desktop", scope: "eq", trust: 0.3, vendor: "suse", version: "1.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "windows server datacenter edition itanium sp1 beta", scope: "eq", trust: 0.3, vendor: "microsoft", version: "20031", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "advanced workstation for the itanium processor ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "2.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "solaris 8 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.7", }, { model: "windows server datacenter edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.2", }, { model: "sunos", scope: "eq", trust: 0.3, vendor: "sun", version: "5.7", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.3", }, { model: "s8300 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "propack sp5", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.0", }, { model: "linux database server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "0", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2.2", }, { model: "windows xp professional sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.4", }, { model: "windows server standard edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.4.1", }, { model: "windows server enterprise edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003x64", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "3.0", }, { model: "linux professional", scope: "eq", trust: 0.3, vendor: "s u s e", version: "7.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "enterprise linux as ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "linux personal", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "s8300 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "7.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "windows xp home", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.3", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "windows xp media center edition sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "linux office server", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "s8710 r2.0.0", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "propack sp6", scope: "eq", trust: 0.3, vendor: "sgi", version: "3.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.11", }, { model: "suse linux school server for i386", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.6.2", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "7.0", }, { model: "solaris 7.0 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "solaris 9 x86 update", scope: "eq", trust: 0.3, vendor: "sun", version: "2", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "3.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "s8700 r2.0.1", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.2", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "3.5", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "windows xp professional sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "windows xp home sp2", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "suse email server iii", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "2.1", }, { model: "linux personal x86 64", scope: "eq", trust: 0.3, vendor: "s u s e", version: "9.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "suse", version: "7.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "services for unix", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2.0", }, { model: "windows xp 64-bit edition sp1", scope: null, trust: 0.3, vendor: "microsoft", version: null, }, { model: "solaris 9 x86", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.12", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "6.1", }, { model: "windows xp 64-bit edition version sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "3.0", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "6.4", }, { model: "sunos x86", scope: "eq", trust: 0.3, vendor: "sun", version: "5.7", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "windows server datacenter edition sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "suse email server", scope: "eq", trust: 0.3, vendor: "s u s e", version: "3.1", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "suse", version: "7.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "linux enterprise server for s/390", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "converged communications server", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "unixware", scope: "eq", trust: 0.3, vendor: "sco", version: "7.1.3", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "9", }, { model: "modular messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "4.0", }, { model: "windows server enterprise edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "linux connectivity server", scope: null, trust: 0.3, vendor: "s u s e", version: null, }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "enterprise linux es ia64", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows xp 64-bit edition version", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "windows server datacenter edition itanium sp1", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "10.0", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.1", }, { model: "windows server datacenter edition", scope: "eq", trust: 0.3, vendor: "microsoft", version: "2003x64", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "suse", version: "6.3", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "5.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5.10", }, ], sources: [ { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000382", }, { db: "NVD", id: "CVE-2005-1205", }, { db: "CNNVD", id: "CNNVD-200506-123", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2005-1205", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Gaël Delalleau gael.delalleau+ moz@m4x.org", sources: [ { db: "CNNVD", id: "CNNVD-200506-123", }, ], trust: 0.6, }, cve: "CVE-2005-1205", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2005-1205", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2005-1205", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-200506-123", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2005-1205", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2005-1205", }, { db: "JVNDB", id: "JVNDB-2005-000382", }, { db: "NVD", id: "CVE-2005-1205", }, { db: "CNNVD", id: "CNNVD-200506-123", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Remote attackers who exploit this issue IFRAME Tag and \"TELNET://\" Formal URI Etc., Web Malicious via page or email Telnet By guiding the target user to connect to the server, important information on the target system, such as the user name, executable file search path, and the location of important data, may be taken. Also some Linux Included with the distribution Kerberos Has been reported to be affected by this issue.Please refer to the “Overview” for the impact of this vulnerability. Telnet clients provided by multiple vendors are prone to a remote information-disclosure vulnerability. \nAttackers can retrieve any information stored in the environment of clients using the affected telnet application. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further attacks. This can be exploited to gain knowledge of the session\nvariables for a user, who has an open connection to a malicious\nTelnet server. \n\nSuccessful exploitation requires that a user e.g. visits a malicious\nweb site or is tricked into clicking a specially crafted link. \n\nSOLUTION:\nApply patches. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", sources: [ { db: "NVD", id: "CVE-2005-1205", }, { db: "JVNDB", id: "JVNDB-2005-000382", }, { db: "BID", id: "13940", }, { db: "VULMON", id: "CVE-2005-1205", }, { db: "PACKETSTORM", id: "37995", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "BID", id: "13940", trust: 2.8, }, { db: "NVD", id: "CVE-2005-1205", trust: 2.8, }, { db: "SECUNIA", id: "15690", trust: 2.6, }, { db: "CERT/CC", id: "VU#800829", trust: 2.5, }, { db: "SECTRACK", id: "1014203", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2005-000382", trust: 0.8, }, { db: "MS", id: "MS05-033", trust: 0.6, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:1132", trust: 0.6, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:784", trust: 0.6, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:605", trust: 0.6, }, { db: "IDEFENSE", id: "20050614 MULTIPLE VENDOR TELNET CLIENT INFORMATION DISCLOSURE VULNERABILITY", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200506-123", trust: 0.6, }, { db: "VULMON", id: "CVE-2005-1205", trust: 0.1, }, { db: "PACKETSTORM", id: "37995", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2005-1205", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000382", }, { db: "PACKETSTORM", id: "37995", }, { db: "NVD", id: "CVE-2005-1205", }, { db: "CNNVD", id: "CNNVD-200506-123", }, ], }, id: "VAR-200506-0234", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4615448, }, last_update_date: "2023-12-18T11:13:25.482000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "MS05-033", trust: 0.8, url: "http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx", }, { title: "krb5", trust: 0.8, url: "http://www.miraclelinux.com/support/update/data/krb5.html", }, { title: "RHSA-2005:562", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2005-562.html", }, { title: "RHSA-2005:504", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2005-504.html", }, { title: "101665", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1", }, { title: "101671", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1", }, { title: "101665", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-3", }, { title: "101671", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-3", }, { title: "MS05-033", trust: 0.8, url: "http://www.microsoft.com/japan/technet/security/bulletin/ms05-033.mspx", }, { title: "RHSA-2005:562", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-562j.html", }, { title: "RHSA-2005:504", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-504j.html", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2005-000382", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2005-1205", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.6, url: "http://secunia.com/advisories/15690/", }, { trust: 2.6, url: "http://www.securityfocus.com/bid/13940", }, { trust: 2.5, url: "http://www.kb.cert.org/vuls/id/800829", }, { trust: 1.8, url: "http://idefense.com/application/poi/display?id=260&type=vulnerabilities", }, { trust: 1.7, url: "http://securitytracker.com/id?1014203", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a784", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a605", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1132", }, { trust: 1.1, url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-033", }, { trust: 1, url: "http://www.microsoft.com/technet/security/bulletin/ms05-033.mspx", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1205", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1205", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:784", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:605", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1132", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2005-145_rhsa-2005-504.pdf", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2005-562.html", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2005-567.html", }, { trust: 0.3, url: "http://www.microsoft.com/windowsserversystem/sfu/", }, { trust: 0.3, url: "http://tech.f5.com/home/bigip/solutions/advisories/sol4616.html", }, { trust: 0.3, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1", }, { trust: 0.3, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1", }, { trust: 0.3, url: "/archive/1/402230", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=32c4e286-2c4d-491a-9e05-4ca0b055d5dc", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://secunia.com/product/1176/", }, { trust: 0.1, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.1, url: "http://secunia.com/product/22/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=c6161d9e-1672-479e-8baf-754a64dfab47", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=7c3dd615-b82d-4520-9c3a-376283b01d5b", }, { trust: 0.1, url: "http://secunia.com/product/1175/", }, { trust: 0.1, url: "http://secunia.com/secunia_vacancies/", }, { trust: 0.1, url: "http://secunia.com/product/16/", }, { trust: 0.1, url: "http://secunia.com/product/5243/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=22095e78-a559-40ea-8b65-9c727f4e752f", }, { trust: 0.1, url: "http://secunia.com/product/5244/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=b8ba775e-e9a7-47e9-81a9-a68a71b9faac", }, { trust: 0.1, url: "http://secunia.com/product/1173/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=dcc6840f-e626-4266-a63a-cddec0ec44d6", }, { trust: 0.1, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=b281550b-8fae-4ff3-9bb7-e4ba325779b9", }, { trust: 0.1, url: "http://secunia.com/product/1174/", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=8eaad650-54db-44bc-ac9b-fc8a50f5a3b5", }, { trust: 0.1, url: "http://www.microsoft.com/downloads/details.aspx?familyid=c23a4e16-e228-4a80-a4cb-9dcef462b97a", }, ], sources: [ { db: "VULMON", id: "CVE-2005-1205", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000382", }, { db: "PACKETSTORM", id: "37995", }, { db: "NVD", id: "CVE-2005-1205", }, { db: "CNNVD", id: "CNNVD-200506-123", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2005-1205", }, { db: "BID", id: "13940", }, { db: "JVNDB", id: "JVNDB-2005-000382", }, { db: "PACKETSTORM", id: "37995", }, { db: "NVD", id: "CVE-2005-1205", }, { db: "CNNVD", id: "CNNVD-200506-123", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2005-06-14T00:00:00", db: "VULMON", id: "CVE-2005-1205", }, { date: "2005-06-14T00:00:00", db: "BID", id: "13940", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000382", }, { date: "2005-06-16T05:01:37", db: "PACKETSTORM", id: "37995", }, { date: "2005-06-14T04:00:00", db: "NVD", id: "CVE-2005-1205", }, { date: "2005-04-21T00:00:00", db: "CNNVD", id: "CNNVD-200506-123", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-10-12T00:00:00", db: "VULMON", id: "CVE-2005-1205", }, { date: "2006-08-02T20:16:00", db: "BID", id: "13940", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2005-000382", }, { date: "2018-10-12T21:36:25.407000", db: "NVD", id: "CVE-2005-1205", }, { date: "2012-12-26T00:00:00", db: "CNNVD", id: "CNNVD-200506-123", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200506-123", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Microsoft Windows of Telnet Environment variable disclosure vulnerability in the client", sources: [ { db: "JVNDB", id: "JVNDB-2005-000382", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "access verification error", sources: [ { db: "CNNVD", id: "CNNVD-200506-123", }, ], trust: 0.6, }, }
var-200712-0599
Vulnerability from variot
Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:
void reply(int n, char fmt, ...) { ... (1) int length, kerror; <---- declared length without initializer if (n) sprintf(in, \"\%d\%c\", n, cont_char); else in[0] = \'\'\0\'\'; strncat(in, buf, sizeof (in) - strlen(in) - 1); #ifdef KRB5_KRB4_COMPAT if (strcmp(auth_type, \"KERBEROS_V4\") == 0) { if (clevel == PROT_P) length = krb_mk_priv((unsigned char )in, (unsigned char )out, strlen(in), schedule, &kdata.session, &ctrl_addr, &his_addr); else length = krb_mk_safe((unsigned char )in, (unsigned char )out, strlen(in), &kdata.session, &ctrl_addr, &his_addr); if (length == -1) { syslog(LOG_ERR, \"krb_mk_\%s failed for KERBEROS_V4\", clevel == PROT_P ? \"priv\" : \"safe\"); fputs(in,stdout); } } else #endif / KRB5_KRB4_COMPAT / #ifdef GSSAPI / reply (based on level) / if (strcmp(auth_type, \"GSSAPI\") == 0) { gss_buffer_desc in_buf, out_buf; OM_uint32 maj_stat, min_stat; int conf_state; in_buf.value = in; in_buf.length = strlen(in); maj_stat = gss_seal(&min_stat, gcontext, clevel == PROT_P, / private / GSS_C_QOP_DEFAULT, &in_buf, &conf_state, &out_buf); if (maj_stat != GSS_S_COMPLETE) { #if 0 / Don\'\'t setup an infinite loop / / generally need to deal / secure_gss_error(maj_stat, min_stat, (clevel==PROT_P)? \"gss_seal ENC didn\'\'t complete\": \"gss_seal MIC didn\'\'t complete\"); #endif / 0 / } else if ((clevel == PROT_P) && !conf_state) { #if 0 / Don\'\'t setup an infinite loop / secure_error(\"GSSAPI didn\'\'t encrypt message\"); #endif / 0 / } else { memcpy(out, out_buf.value, length=out_buf.length); gss_release_buffer(&min_stat, &out_buf); } } #endif / GSSAPI / / Othe. Multiple memory-corruption vulnerabilities with unknown impacts affect MIT Kerberos 5. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. There are multiple memory corruption vulnerabilities in the implementation of Kerberos, and remote attackers may use these vulnerabilities to cause the service program to crash. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. (Only Ubuntu 6.06 LTS was affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)
Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures.
II.DETAILS:
Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c. A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function gss_indicate_mechs(mi norStatus, mechSet) in g_initialize.c and a integer overflow vunerability(CVE-2007-5902) in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. A double free vulnerability(CVE-2007-5971) in function gss_krb5int_make_seal_token_v3 in k5sealv3.c and another double free vulnerability(CVE-2007-5972) in function krb5_def_store_mkey in lib/kdb/kdb_default.c.
Impact
Reading uninitialized variables can result in unpredictable behavior, crashes, or security holes. Dereferencing,integer overflow and double free may cause instability and potentially crash.
References
[ 1 ] CVE-2007-5894 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 [ 3 ] CVE-2007-5902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902 [ 4 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 5 ] CVE-2007-5972 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security Trusted {Solution} Provider Service
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-924-1 April 07, 2010 krb5 vulnerabilities CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972, CVE-2010-0629 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4 libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10: krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04: krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3 libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901, CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. (Only Ubuntu 8.04 LTS was affected.) (CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0599", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: null, }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux enterprise server sp1", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86-64", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.3", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "appliance platform linux service", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "fedora", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "application server es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, ], sources: [ { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "CNNVD", id: "CNNVD-200712-055", }, { db: "NVD", id: "CVE-2007-5902", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2007-5902", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Venustech AD-LAB", sources: [ { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-055", }, ], trust: 0.7, }, cve: "CVE-2007-5902", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: true, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2007-5902", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-29264", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2007-5902", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-200712-055", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-29264", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-29264", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "CNNVD", id: "CNNVD-200712-055", }, { db: "NVD", id: "CVE-2007-5902", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. \nKerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. \ngssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:\n\nvoid reply(int n, char *fmt, ...)\n{\n... \n(1) int length, kerror; <---- declared length without initializer\nif (n) sprintf(in, \\\"\\\\%d\\\\%c\\\", n, cont_char);\nelse in[0] = \\'\\'\0\\'\\';\nstrncat(in, buf, sizeof (in) - strlen(in) - 1);\n#ifdef KRB5_KRB4_COMPAT\nif (strcmp(auth_type, \\\"KERBEROS_V4\\\") == 0) {\nif (clevel == PROT_P)\nlength = krb_mk_priv((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\nschedule,\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nelse\nlength = krb_mk_safe((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nif (length == -1) {\nsyslog(LOG_ERR,\n\\\"krb_mk_\\\\%s failed for\nKERBEROS_V4\\\",\nclevel == PROT_P ? \\\"priv\\\" :\n\\\"safe\\\");\nfputs(in,stdout);\n}\n} else\n#endif /* KRB5_KRB4_COMPAT */\n#ifdef GSSAPI\n/* reply (based on level) */\nif (strcmp(auth_type, \\\"GSSAPI\\\") == 0) {\ngss_buffer_desc in_buf, out_buf;\nOM_uint32 maj_stat, min_stat;\nint conf_state;\nin_buf.value = in;\nin_buf.length = strlen(in);\nmaj_stat = gss_seal(&min_stat, gcontext,\nclevel == PROT_P, /*\nprivate */\nGSS_C_QOP_DEFAULT,\n&in_buf, &conf_state,\n&out_buf);\nif (maj_stat != GSS_S_COMPLETE) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\n/* generally need to deal */\nsecure_gss_error(maj_stat, min_stat,\n(clevel==PROT_P)?\n\\\"gss_seal ENC didn\\'\\'t\ncomplete\\\":\n\\\"gss_seal MIC didn\\'\\'t\ncomplete\\\");\n#endif /* 0 */\n} else if ((clevel == PROT_P) && !conf_state) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\nsecure_error(\\\"GSSAPI didn\\'\\'t encrypt\nmessage\\\");\n#endif /* 0 */\n} else {\nmemcpy(out, out_buf.value,\nlength=out_buf.length);\ngss_release_buffer(&min_stat,\n&out_buf);\n}\n}\n#endif /* GSSAPI */\n/* Othe. Multiple memory-corruption vulnerabilities with unknown impacts affect MIT Kerberos 5. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. There are multiple memory corruption vulnerabilities in the implementation of Kerberos, and remote attackers may use these vulnerabilities to cause the service program to crash. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. (Only Ubuntu 6.06 LTS was\naffected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)\n\nJoel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos\ndid not correctly verify certain packet structures. \n\nII.DETAILS:\n----------\nBackground\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. \n\nDescription\n\n\tA uninitialized vulnerability (CVE-2007-5894)in function reply() in\nftpd.c. \n A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function\ngss_indicate_mechs(mi\nnorStatus, mechSet) in g_initialize.c and a integer overflow\nvunerability(CVE-2007-5902)\nin rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. A\ndouble free vulnerability(CVE-2007-5971)\nin function gss_krb5int_make_seal_token_v3 in k5sealv3.c and another\ndouble free vulnerability(CVE-2007-5972)\nin function krb5_def_store_mkey in lib/kdb/kdb_default.c. \n\nImpact\n\nReading uninitialized variables can result in unpredictable behavior,\ncrashes, or security holes. \nDereferencing,integer overflow and double free may cause instability and\npotentially crash. \n\nReferences\n==========\n\n [ 1 ] CVE-2007-5894\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n [ 3 ] CVE-2007-5902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902\n [ 4 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 5 ] CVE-2007-5972\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972\n\n\nIII.CREDIT:\n----------\n Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab\nguys. \n\nV.DISCLAIMS:\n-----------\n\nThe information in this bulletin is provided \"AS IS\" without warranty of\nany\nkind. In no event shall we be liable for any damages whatsoever\nincluding direct,\nindirect, incidental, consequential, loss of business profits or special\ndamages. \n\nCopyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use. \n\nVENUSTECH Security Lab\nVENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)\n\nSecurity\nTrusted {Solution} Provider\nService\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-924-1 April 07, 2010\nkrb5 vulnerabilities\nCVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,\nCVE-2010-0629\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4\n libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4\n\nUbuntu 8.10:\n krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4\n\nUbuntu 9.04:\n krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3\n libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nSol Jerome discovered that the Kerberos kadmind service did not correctly\nfree memory. An unauthenticated remote attacker could send specially\ncrafted traffic to crash the kadmind process, leading to a denial of\nservice. (CVE-2010-0629)\n\nIt was discovered that Kerberos did not correctly free memory in\nthe GSSAPI library. If a remote attacker were able to manipulate an\napplication using GSSAPI carefully, the service could crash, leading to\na denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,\nCVE-2007-5971)\n\nIt was discovered that Kerberos did not correctly free memory in the\nGSSAPI and kdb libraries. If a remote attacker were able to manipulate\nan application using these libraries carefully, the service could crash,\nleading to a denial of service. (Only Ubuntu 8.04 LTS was affected.)\n(CVE-2007-5902, CVE-2007-5972)\n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz\n Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc\n Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz\n Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb\n Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 497374 89e647e9beec851c340774d758f6d68c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 64960 abc799e9e887480fc993bdba504af466\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 91866 cfb606d8378283313f5009faa2dec564\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 173246 532692f310673efbd4329d0661811370\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 89348 f12babd06a10b951388d6618288b081d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 60786 d11c67185932d0b746584e0406294a3e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 172640 2de487fc075709f917b2396a053d8bde\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 199412 9063aec6b15eab435032ac249f516a44\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 89356 8e603c181d789500185720f8e35da971\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 211652 121558486b173d309bccbe304b8ec550\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz\n Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc\n Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb\n Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 1474040 289fcb9189903998fe6adb217d111257\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92554 db275139f0715242c7f339b0005f7f65\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 107696 5be51db685dc9d9536765a0771e52223\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 94504 4bbe57034a98573f623870361380055d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 136816 71232407545e52025735e7e630496f84\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 472690 7cf30b9521b99808b48879295b579d07\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 183124 34b361091e4883adf77658c04f431edb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 136772 173deb07bb07502e6d16adc880d27209\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 92538 c696e177873d8255183b7cc50576eb48\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 96700 4980c34839066b9866eacb06fb385d23\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 70360 4904070348252bd4bdd692d85af4249a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 66680 36a33a9765740aa2eab16419017562b0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz\n Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc\n Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb\n Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 108010 397c0979124621bde63b49d55df1951b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 198894 971764b78a61757018f675faaf8d13c2\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 76946 85b0519be431be8228d1b8930ca82032\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 137258 6722093f41aea33c126c60594e91aa89\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 1417102 87153ec02650a379e068d91412027243\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 464142 11481d506c939a4595c5d235768692e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 184990 325f5322d631683068bc6ddc6af35940\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 111146 d4464357b86e371914cc23251c2c1780\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 204756 dd5364842f6604199e2d7698334771ff\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 77438 a18355513e1155b4dc997881878ce816\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 93054 29490c704727e89faf1079f1b517606e\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 61274 1b5b021b7e019641010877555e99058d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 73024 607a1edca12d6130393158fc82b86b28\n\n", sources: [ { db: "NVD", id: "CVE-2007-5902", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "CNNVD", id: "CNNVD-200712-055", }, { db: "BID", id: "26750", }, { db: "VULHUB", id: "VHN-29264", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, ], trust: 2.79, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2007-5902", trust: 3.1, }, { db: "BID", id: "26750", trust: 2, }, { db: "SECUNIA", id: "28636", trust: 1.7, }, { db: "SECUNIA", id: "29457", trust: 1.7, }, { db: "OSVDB", id: "44748", trust: 1.7, }, { db: "SECUNIA", id: "39290", trust: 1.1, }, { db: "SECUNIA", id: "39784", trust: 1.1, }, { db: "VUPEN", id: "ADV-2010-1192", trust: 1.1, }, { db: "JVNDB", id: "JVNDB-2007-004613", trust: 0.8, }, { db: "NSFOCUS", id: "11249", trust: 0.6, }, { db: "FULLDISC", id: "20071208 MIT KERBEROS 5: MULTIPLE VULNERABILITIES", trust: 0.6, }, { db: "FULLDISC", id: "20071208 VENUSTECH REPORTS OF MIT KRB5 VULNS [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", trust: 0.6, }, { db: "SUSE", id: "SUSE-SR:2008:002", trust: 0.6, }, { db: "BUGTRAQ", id: "20080319 RPSA-2008-0112-1 KRB5 KRB5-SERVER KRB5-SERVICES KRB5-TEST KRB5-WORKSTATION", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200712-055", trust: 0.6, }, { db: "PACKETSTORM", id: "89725", trust: 0.2, }, { db: "VULHUB", id: "VHN-29264", trust: 0.1, }, { db: "PACKETSTORM", id: "61598", trust: 0.1, }, { db: "PACKETSTORM", id: "88174", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-29264", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-055", }, { db: "NVD", id: "CVE-2007-5902", }, ], }, id: "VAR-200712-0599", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-29264", }, ], trust: 0.01, }, last_update_date: "2024-07-23T19:39:21.599000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Kerberos", trust: 0.8, url: "http://web.mit.edu/kerberos/www/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2007-004613", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-189", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-29264", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "NVD", id: "CVE-2007-5902", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://seclists.org/fulldisclosure/2007/dec/0321.html", }, { trust: 2, url: "http://bugs.gentoo.org/show_bug.cgi?id=199214", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/26750", }, { trust: 1.7, url: "http://wiki.rpath.com/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "https://issues.rpath.com/browse/rpl-2012", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2007/dec/0176.html", }, { trust: 1.7, url: "http://osvdb.org/44748", }, { trust: 1.7, url: "http://secunia.com/advisories/28636", }, { trust: 1.7, url: "http://secunia.com/advisories/29457", }, { trust: 1.7, url: "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/489883/100/0/threaded", }, { trust: 1.1, url: "http://secunia.com/advisories/39290", }, { trust: 1.1, url: "http://secunia.com/advisories/39784", }, { trust: 1.1, url: "http://ubuntu.com/usn/usn-924-1", }, { trust: 1.1, url: "http://www.ubuntu.com/usn/usn-940-1", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2010/1192", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5902", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5902", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/11249", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199205", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199211", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199212", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0180.html", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5972", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5902", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.5.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.11.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.6.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.7dfsg~beta3-1ubuntu0.6_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-1321", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.5_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-1320", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.5.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.11_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.11.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.6.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5972", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5894", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.1, url: "http://www.venustech.com.cn)", }, { trust: 0.1, url: "http://secunia.com/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.1, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-0629", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, ], sources: [ { db: "VULHUB", id: "VHN-29264", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-055", }, { db: "NVD", id: "CVE-2007-5902", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-29264", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004613", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-055", }, { db: "NVD", id: "CVE-2007-5902", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2007-12-06T00:00:00", db: "VULHUB", id: "VHN-29264", }, { date: "2007-12-06T00:00:00", db: "BID", id: "26750", }, { date: "2012-09-25T00:00:00", db: "JVNDB", id: "JVNDB-2007-004613", }, { date: "2010-05-20T02:48:24", db: "PACKETSTORM", id: "89725", }, { date: "2007-12-08T01:06:55", db: "PACKETSTORM", id: "61598", }, { date: "2010-04-07T22:25:37", db: "PACKETSTORM", id: "88174", }, { date: "2007-12-05T00:00:00", db: "CNNVD", id: "CNNVD-200712-055", }, { date: "2007-12-06T02:46:00", db: "NVD", id: "CVE-2007-5902", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-21T00:00:00", db: "VULHUB", id: "VHN-29264", }, { date: "2015-04-13T21:56:00", db: "BID", id: "26750", }, { date: "2012-09-25T00:00:00", db: "JVNDB", id: "JVNDB-2007-004613", }, { date: "2007-12-06T00:00:00", db: "CNNVD", id: "CNNVD-200712-055", }, { date: "2020-01-21T15:44:36.617000", db: "NVD", id: "CVE-2007-5902", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-055", }, ], trust: 0.8, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos Multiple Memory Corruption Vulnerabilities", sources: [ { db: "BID", id: "26750", }, { db: "CNNVD", id: "CNNVD-200712-055", }, ], trust: 0.9, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "digital error", sources: [ { db: "CNNVD", id: "CNNVD-200712-055", }, ], trust: 0.6, }, }
var-200108-0064
Vulnerability from variot
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. Exposure:
Remote root compromise through buffer handling flaws
Confirmed vulnerable:
Up-to-date Debian 3.0 woody (issue is Debian-specific) Debian netkit-telnet-ssl-0.17.24+0.1 package Debian netkit-telnet-ssl-0.17.17+0.1 package
Mitigating factors:
Telnet service must be running and accessible to the attacker. Nowadays, telnet service presence on newly deployed Linux hosts is relatively low. The service is still used for LAN access from other unix platforms, and to host various non-shell services (such as MUDs).
Problem description:
Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This patch was devised by Red Hat (?) and incorporated into Debian packages, but later dropped.
This exposes the platform to a remote root problem discovered by scut of TESO back in 2001 (CVE-2001-0554), as well as to other currently unpublished flaws associated with the old buffer handling code, and elliminated by the Red Hat's overhaul of buffer handling routines.
Based on a review of package changelogs, my best guess is that the patch was accidentally dropped by Christoph Martin in December 2001, but I have not researched the matter any further.
Vendor response:
I have contacted Debian security staff on August 29, and received a confirmation of the problem from Matt Zimmerman shortly thereafter.
Since this is not a new flaw, I did not plan to release my own advisory, hoping they will release a DSA bulletin and fix the problem. Three weeks have passed, however, and Debian did not indicate any clear intent to release the information any time soon. They did release nine other advisories in the meantime, some of which were of lesser importance.
As such, I believe it is a good idea to bring the problem to public attention, particularly since those running telnetd were and are, unbeknownst to them, vulnerable to existing exploits.
Workaround:
Disable telnet service if not needed; manually apply Red Hat netkit patches, or compile the daemon from Red Hat sources.
Note that netkit as such is no longer maintained by the author, and hence obtaining the most recent source tarball (0.17) is NOT sufficient. You may also examine other less popular telnetd implementations, but be advised that almost all are heavily based on the original code, and not always up-to-date with security fixes for that codebase.
PS. Express your outrage: http://eprovisia.coredump.cx
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200108-0064", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "catalyst csx", scope: "eq", trust: 2.4, vendor: "cisco", version: "60005.3", }, { model: "aix", scope: "eq", trust: 2.1, vendor: "ibm", version: "4.3", }, { model: "aix", scope: "eq", trust: 2.1, vendor: "ibm", version: "5.1", }, { model: "netbsd", scope: "eq", trust: 1.9, vendor: "netbsd", version: "1.3.2", }, { model: "netbsd", scope: "eq", trust: 1.9, vendor: "netbsd", version: "1.3.1", }, { model: "netbsd", scope: "eq", trust: 1.9, vendor: "netbsd", version: "1.2", }, { model: "vpn concentrator", scope: "eq", trust: 1.5, vendor: "cisco", version: "30002.5.2", }, { model: "solaris", scope: "eq", trust: 1.3, vendor: "sun", version: "2.6", }, { model: "irix", scope: "eq", trust: 1.3, vendor: "sgi", version: "6.5", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.8", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.7", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.6", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.5", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.4", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.3", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.2", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.1", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.0", }, { model: "linux netkit", scope: "eq", trust: 1.3, vendor: "netkit", version: "0.12", }, { model: "linux netkit", scope: "eq", trust: 1.3, vendor: "netkit", version: "0.11", }, { model: "linux netkit", scope: "eq", trust: 1.3, vendor: "netkit", version: "0.10", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.5.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.5", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4.3", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4.2", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.3.3", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.3", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.2.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.0", }, { model: "aix", scope: "eq", trust: 1.3, vendor: "ibm", version: "4.3.3", }, { model: "aix", scope: "eq", trust: 1.3, vendor: "ibm", version: "4.3.2", }, { model: "aix", scope: "eq", trust: 1.3, vendor: "ibm", version: "4.3.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.3", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.7.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.4", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.4", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.0", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.2", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "2.2", }, { model: "kerberos", scope: "eq", trust: 1, vendor: "mit", version: "1.0", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.2.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.6", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.1.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.0.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.8", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.2.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.5.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.7", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.0", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.7", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.1.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.6.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.0", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.3", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.6", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.5.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.0.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.8", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.7", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.4", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.2", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.3", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.1", }, { model: "solaris", scope: "eq", trust: 0.9, vendor: "sun", version: "7.0", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "60006.1", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "60005.5", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "50006.1", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "40006.1", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "40005.1", }, { model: null, scope: null, trust: 0.8, vendor: "apple", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "bsdi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "caldera", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "conectiva", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cray", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "freebsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ibm", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "netbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "redhat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sgi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "suse", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sun", version: null, }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.5.1 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.5.1 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.6 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.6 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.01", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.10", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.20", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.24", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "5.2", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "6.2", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.0", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.1", }, { model: "vpn concentrator", scope: "eq", trust: 0.6, vendor: "cisco", version: "30003.0.3", }, { model: "catalyst", scope: "eq", trust: 0.6, vendor: "cisco", version: "50005.1", }, { model: "catalyst", scope: "eq", trust: 0.6, vendor: "cisco", version: "40005.5", }, { model: "catalyst", scope: "eq", trust: 0.6, vendor: "cisco", version: "40005.2", }, { model: "solaris", scope: "eq", trust: 0.6, vendor: "sun", version: "8.0", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.5.1", }, { model: "solaris 8 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.5", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.4", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.3", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.2", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.1", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.1", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.6", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.5", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.17", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.16", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.14", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "secure os software for linux", scope: "eq", trust: 0.3, vendor: "hp", version: "1.0", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.24", }, { model: "hp-ux sis", scope: "eq", trust: 0.3, vendor: "hp", version: "10.20", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.20", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.10", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.01", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0.x", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "3.5.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "3.5.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "3.x", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "2.x", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux mipsel", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux m68k", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux hppa", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "vpn concentrator", scope: "eq", trust: 0.3, vendor: "cisco", version: "30003.0", }, { model: "vpn concentrator", scope: "eq", trust: 0.3, vendor: "cisco", version: "30002.0", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60007.1", }, { model: "catalyst pan", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.3", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.2(0.111)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.2(0.110)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.1(2.13)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50006.1(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50006.1(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50006.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(9)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(8)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(5)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(12)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(11)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(10)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40007.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40006.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(5)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(9)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(8)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(5)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(10)", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.2", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.1", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.0.1", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "openbsd", scope: "ne", trust: 0.3, vendor: "openbsd", version: "2.9", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.6.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.6", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.5", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.4", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.3", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.2", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1.4", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1.2", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.0.4", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "8500", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "60007.1(2)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "60006.3(4)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "60005.5(13)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "50006.3(4)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "50005.5(13)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "50004.5", }, { model: "catalyst 4908g-l3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "catalyst 4840g", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "4800", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "4200", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "40007.1(2)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "40006.3(4)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "40005.5(13)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "3900", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "3550", }, { model: "catalyst xl", scope: "ne", trust: 0.3, vendor: "cisco", version: "3500", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "2950", }, { model: "catalyst 2948g-l3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "catalyst xl", scope: "ne", trust: 0.3, vendor: "cisco", version: "2900", }, { model: "catalyst lre xl", scope: "ne", trust: 0.3, vendor: "cisco", version: "2900", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "2820", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "2800", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "1900", }, { model: "mac os", scope: "ne", trust: 0.3, vendor: "apple", version: "x10.1", }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2001-0554", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "TESO Security Advisory", sources: [ { db: "CNNVD", id: "CNNVD-200108-082", }, ], trust: 0.6, }, cve: "CVE-2001-0554", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2001-0554", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2001-0554", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#745371", trust: 0.8, value: "74.81", }, { author: "CNNVD", id: "CNNVD-200108-082", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2001-0554", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. \nThis vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. \nExposure:\n\n Remote root compromise through buffer handling flaws\n\nConfirmed vulnerable:\n\n Up-to-date Debian 3.0 woody (issue is Debian-specific)\n Debian netkit-telnet-ssl-0.17.24+0.1 package\n Debian netkit-telnet-ssl-0.17.17+0.1 package\n\nMitigating factors:\n\n Telnet service must be running and accessible to the attacker. \n Nowadays, telnet service presence on newly deployed Linux hosts is\n relatively low. The service is still used for LAN access from other unix\n platforms, and to host various non-shell services (such as MUDs). \n\nProblem description:\n\n Netkit telnetd implementation shipped with Debian Linux appears to be\n lacking the AYT vulnerability patch. This patch was devised by Red Hat\n (?) and incorporated into Debian packages, but later dropped. \n\n This exposes the platform to a remote root problem discovered by scut of\n TESO back in 2001 (CVE-2001-0554), as well as to other currently\n unpublished flaws associated with the old buffer handling code, and\n elliminated by the Red Hat's overhaul of buffer handling routines. \n\n Based on a review of package changelogs, my best guess is that the patch\n was accidentally dropped by Christoph Martin in December 2001, but I\n have not researched the matter any further. \n\nVendor response:\n\n I have contacted Debian security staff on August 29, and received a\n confirmation of the problem from Matt Zimmerman shortly thereafter. \n\n Since this is not a new flaw, I did not plan to release my own advisory,\n hoping they will release a DSA bulletin and fix the problem. Three weeks\n have passed, however, and Debian did not indicate any clear intent to\n release the information any time soon. They did release nine other\n advisories in the meantime, some of which were of lesser importance. \n\n As such, I believe it is a good idea to bring the problem to public\n attention, particularly since those running telnetd were and are,\n unbeknownst to them, vulnerable to existing exploits. \n\nWorkaround:\n\n Disable telnet service if not needed; manually apply Red Hat\n netkit patches, or compile the daemon from Red Hat sources. \n\n Note that netkit as such is no longer maintained by the author, and\n hence obtaining the most recent source tarball (0.17) is NOT\n sufficient. You may also examine other less popular telnetd\n implementations, but be advised that almost all are heavily based on the\n original code, and not always up-to-date with security fixes for that\n codebase. \n\n\nPS. Express your outrage: http://eprovisia.coredump.cx", sources: [ { db: "NVD", id: "CVE-2001-0554", }, { db: "CERT/CC", id: "VU#745371", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "BID", id: "3064", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "PACKETSTORM", id: "34414", }, ], trust: 2.79, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=21018", trust: 0.1, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2001-0554", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "BID", id: "3064", trust: 2.8, }, { db: "NVD", id: "CVE-2001-0554", trust: 2.6, }, { db: "OSVDB", id: "809", trust: 1.7, }, { db: "CERT/CC", id: "VU#745371", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2001-000115", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200108-082", trust: 0.6, }, { db: "EXPLOIT-DB", id: "21018", trust: 0.1, }, { db: "VULMON", id: "CVE-2001-0554", trust: 0.1, }, { db: "PACKETSTORM", id: "34414", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "PACKETSTORM", id: "34414", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, id: "VAR-200108-0064", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3056849, }, last_update_date: "2023-12-18T13:21:23.131000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.ibm.com/jp/", }, { title: "Debian Security Advisories: DSA-075-1 netkit-telnet-ssl -- remote exploit", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a05118c557d210031007d9bc57bfeb01", }, { title: "Cisco: Cisco VPN 3000 Concentrator Multiple Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20020903-vpn3k-vulnerability", }, { title: "Cisco: Cisco CatOS Telnet Buffer Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20020129-catos-telrcv", }, { title: "git-and-crumpets", trust: 0.1, url: "https://github.com/siddicky/git-and-crumpets ", }, { title: "DC-4-Vulnhub-Walkthrough", trust: 0.1, url: "https://github.com/vshaliii/dc-4-vulnhub-walkthrough ", }, { title: "DC-2-Vulnhub-Walkthrough", trust: 0.1, url: "https://github.com/vshaliii/dc-2-vulnhub-walkthrough ", }, { title: "DC-1-Vulnhub-Walkthrough", trust: 0.1, url: "https://github.com/vshaliii/dc-1-vulnhub-walkthrough ", }, { title: "Basic-Pentesting-2", trust: 0.1, url: "https://github.com/vshaliii/basic-pentesting-2 ", }, ], sources: [ { db: "VULMON", id: "CVE-2001-0554", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2001-0554", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "http://www.cert.org/advisories/ca-2001-21.html", }, { trust: 2.5, url: "http://www.securityfocus.com/bid/3064", }, { trust: 2, url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { trust: 1.9, url: "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-01:49.telnetd.asc", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/197804", }, { trust: 1.7, url: "http://online.securityfocus.com/archive/1/199496", }, { trust: 1.7, url: "http://online.securityfocus.com/archive/1/203000", }, { trust: 1.7, url: "http://online.securityfocus.com/archive/1/199541", }, { trust: 1.7, url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { trust: 1.7, url: "http://www.calderasystems.com/support/security/advisories/cssa-2001-030.0.txt", }, { trust: 1.7, url: "http://ftp.support.compaq.com/patches/.new/html/ssrt0745u.shtml", }, { trust: 1.7, url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { trust: 1.7, url: "http://www.debian.org/security/2001/dsa-070", }, { trust: 1.7, url: "http://www.debian.org/security/2001/dsa-075", }, { trust: 1.7, url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { trust: 1.7, url: "http://online.securityfocus.com/advisories/3476", }, { trust: 1.7, url: "http://www.linux-mandrake.com/en/security/2001/mdksa-2001-068.php3", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2001-099.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2001-100.html", }, { trust: 1.7, url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { trust: 1.7, url: "http://www.osvdb.org/809", }, { trust: 1.7, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, { trust: 1.1, url: "ftp://stage.caldera.com/pub/security/openserver/cssa-2001-sco.10/cssa-2001-sco.10.txt", }, { trust: 1.1, url: "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2001-012.txt.asc", }, { trust: 1.1, url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-p", }, { trust: 0.8, url: "http://www.team-teso.net/advisories/teso-advisory-011.tar.gz", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0554", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0554", }, { trust: 0.3, url: "/archive/1/375743", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/.html", }, { trust: 0.1, url: "https://www.debian.org/security/./dsa-075", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.exploit-db.com/exploits/21018/", }, { trust: 0.1, url: "https://www.kb.cert.org/vuls/id/745371", }, { trust: 0.1, url: "http://eprovisia.coredump.cx.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2001-0554", }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "PACKETSTORM", id: "34414", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "PACKETSTORM", id: "34414", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2001-07-24T00:00:00", db: "CERT/CC", id: "VU#745371", }, { date: "2001-08-14T00:00:00", db: "VULMON", id: "CVE-2001-0554", }, { date: "2001-07-18T00:00:00", db: "BID", id: "3064", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2001-000115", }, { date: "2004-09-21T08:00:52", db: "PACKETSTORM", id: "34414", }, { date: "2001-08-14T04:00:00", db: "NVD", id: "CVE-2001-0554", }, { date: "2001-07-18T00:00:00", db: "CNNVD", id: "CNNVD-200108-082", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2002-04-16T00:00:00", db: "CERT/CC", id: "VU#745371", }, { date: "2020-01-21T00:00:00", db: "VULMON", id: "CVE-2001-0554", }, { date: "2001-07-18T00:00:00", db: "BID", id: "3064", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2001-000115", }, { date: "2022-01-21T14:48:42.473000", db: "NVD", id: "CVE-2001-0554", }, { date: "2022-01-24T00:00:00", db: "CNNVD", id: "CNNVD-200108-082", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "34414", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options", sources: [ { db: "CERT/CC", id: "VU#745371", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-200108-082", }, ], trust: 0.6, }, }
var-200712-0604
Vulnerability from variot
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针: void reply(int n, char fmt, ...) { ... (1) int length, kerror; <---- declared length without initializer if (n) sprintf(in, \"\%d\%c\", n, cont_char); else in[0] = \'\'\0\'\'; strncat(in, buf, sizeof (in) - strlen(in) - 1); #ifdef KRB5_KRB4_COMPAT if (strcmp(auth_type, \"KERBEROS_V4\") == 0) { if (clevel == PROT_P) length = krb_mk_priv((unsigned char )in, (unsigned char )out, strlen(in), schedule, &kdata.session, &ctrl_addr, &his_addr); else length = krb_mk_safe((unsigned char )in, (unsigned char )out, strlen(in), &kdata.session, &ctrl_addr, &his_addr); if (length == -1) { syslog(LOG_ERR, \"krb_mk_\%s failed for KERBEROS_V4\", clevel == PROT_P ? \"priv\" : \"safe\"); fputs(in,stdout); } } else #endif / KRB5_KRB4_COMPAT / #ifdef GSSAPI / reply (based on level) / if (strcmp(auth_type, \"GSSAPI\") == 0) { gss_buffer_desc in_buf, out_buf; OM_uint32 maj_stat, min_stat; int conf_state; in_buf.value = in; in_buf.length = strlen(in); maj_stat = gss_seal(&min_stat, gcontext, clevel == PROT_P, / private / GSS_C_QOP_DEFAULT, &in_buf, &conf_state, &out_buf); if (maj_stat != GSS_S_COMPLETE) { #if 0 / Don\'\'t setup an infinite loop / / generally need to deal / secure_gss_error(maj_stat, min_stat, (clevel==PROT_P)? \"gss_seal ENC didn\'\'t complete\": \"gss_seal MIC didn\'\'t complete\"); #endif / 0 / } else if ((clevel == PROT_P) && !conf_state) { #if 0 / Don\'\'t setup an infinite loop / secure_error(\"GSSAPI didn\'\'t encrypt message\"); #endif / 0 / } else { memcpy(out, out_buf.value, length=out_buf.length); gss_release_buffer(&min_stat, &out_buf); } } #endif / GSSAPI / / Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets.
This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
Updated Packages:
Mandriva Linux 2007.1: 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2008.0: 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ Hsy0RD3h2ilxoUTodKz7J5k= =y37y -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
I.
II.
III. Solution
Install updates from your vendor
Check with your vendors for patches or updates. For information about a vendor, please see the systems affected section in vulnerability notes VU#895609 and VU#374121 or contact your vendor directly. Administrators who compile MIT Kerberos from source should refer to MIT Security Advisory 2008-002 for more information.
IV. References
-
US-CERT Vulnerability Note VU#895609 - http://www.kb.cert.org/vuls/id/895609
-
US-CERT Vulnerability Note VU#374121 - http://www.kb.cert.org/vuls/id/374121
-
MIT krb5 Security Advisory 2008-002 - http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt2
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-079B.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA08-079B Feedback VU#895609" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2008 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
March 19, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBR+E+pPRFkHkM87XOAQK1jwf/ZDEomMLCZvsmN7KVXa0Il5PqXlfRvG2Y jdWPUCi92qmgvm8LdqoNgAUxnUGYzCHLQzw8ebmnz37AMigDNsYIzFHStgnoJDVi iK6UGC6gHLnGJFuG+otEC9jZaVeIiUbKddB2+vzvmDWLnvIsyxzmHf6lJe0IrZlH ho/cCgpfRctgZHM5Ke+pPPqMjZZ7u0OUQnM7MIcSsZbKxw8x2CyUpaSiheMDhf8p 8JGyx+nkyvZoja6Ee4WCRq3xtVaUlp/sg8IZYY5nav2VuSh15rJXLJCWDBXUU+oV aAXPa2JEx5Cn3S0CFz8SIJ4NoLUp09usVMFyeNd57FMBKRjTAC/DBw== =4wkz -----END PGP SIGNATURE----- .
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1
Description
-
Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free() (CVE-2008-0062) and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply (CVE-2008-0063).
-
Jeff Altman (Secure Endpoints) discovered a buffer overflow in the RPC library server code, used in the kadmin server, caused when too many file descriptors are opened (CVE-2008-0947). These bugs can only be triggered when Kerberos 4 support is enabled. This bug can only be triggered in configurations that allow large numbers of open file descriptors in a process.
Workaround
Kerberos 4 support can be disabled via disabling the "krb4" USE flag and recompiling the ebuild, or setting "v4_mode=none" in the [kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around the KDC related vulnerabilities.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
[ 1 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 3 ] CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 [ 4 ] CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 [ 5 ] CVE-2008-0947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . (Only Ubuntu 6.06 LTS was affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)
Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c. A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function gss_indicate_mechs(mi norStatus, mechSet) in g_initialize.c and a integer overflow vunerability(CVE-2007-5902) in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c.
Impact
Reading uninitialized variables can result in unpredictable behavior, crashes, or security holes. Dereferencing,integer overflow and double free may cause instability and potentially crash.
References
[ 1 ] CVE-2007-5894 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 [ 3 ] CVE-2007-5902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902 [ 4 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 5 ] CVE-2007-5972 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security Trusted {Solution} Provider Service
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-924-1 April 07, 2010 krb5 vulnerabilities CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972, CVE-2010-0629 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4 libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10: krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04: krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3 libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in the GSSAPI library. (Ubuntu 8.10 was not affected.) (CVE-2007-5901, CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. (Only Ubuntu 8.04 LTS was affected.) (CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0604", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: null, trust: 1.6, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "ubuntu", version: null, }, { model: "kerberos 5", scope: "lte", trust: 1, vendor: "mit", version: "1.6.3_kdc", }, { model: null, scope: null, trust: 0.8, vendor: "apple computer", version: null, }, { model: "kerberos", scope: "lte", trust: 0.8, vendor: "mit kerberos", version: "5 version 1.6.3 kdc", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.4.11", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.5.2", }, { model: "mac os x server", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.4.11", }, { model: "mac os x server", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.5.2", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3 (x86)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3 (x86-64)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3.0", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3.0 (x86-64)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "4.0", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "4.0 (x86-64)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (as)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (es)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "4 (ws)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "5 (server)", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.8, vendor: "red hat", version: "4.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.8, vendor: "red hat", version: "5.0 (client)", }, { model: "rhel desktop workstation", scope: "eq", trust: 0.8, vendor: "red hat", version: "5 (client)", }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux enterprise server sp1", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86-64", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.3", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "appliance platform linux service", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "fedora", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "application server es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "CNNVD", id: "CNNVD-200712-052", }, { db: "NVD", id: "CVE-2007-5971", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.6.3_kdc", vulnerable: true, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2007-5971", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Venustech AD-LAB", sources: [ { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-052", }, ], trust: 0.7, }, cve: "CVE-2007-5971", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 6.9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2007-5971", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, id: "VHN-29333", impactScore: 10, integrityImpact: "COMPLETE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2007-5971", trust: 1.8, value: "MEDIUM", }, { author: "CARNEGIE MELLON", id: "VU#895609", trust: 0.8, value: "10.10", }, { author: "CARNEGIE MELLON", id: "VU#374121", trust: 0.8, value: "2.87", }, { author: "CNNVD", id: "CNNVD-200712-052", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-29333", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29333", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "CNNVD", id: "CNNVD-200712-052", }, { db: "NVD", id: "CVE-2007-5971", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. \nKerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. \ngssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:\nvoid reply(int n, char *fmt, ...)\n{\n... \n(1) int length, kerror; <---- declared length without initializer\nif (n) sprintf(in, \\\"\\\\%d\\\\%c\\\", n, cont_char);\nelse in[0] = \\'\\'\0\\'\\';\nstrncat(in, buf, sizeof (in) - strlen(in) - 1);\n#ifdef KRB5_KRB4_COMPAT\nif (strcmp(auth_type, \\\"KERBEROS_V4\\\") == 0) {\nif (clevel == PROT_P)\nlength = krb_mk_priv((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\nschedule,\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nelse\nlength = krb_mk_safe((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nif (length == -1) {\nsyslog(LOG_ERR,\n\\\"krb_mk_\\\\%s failed for\nKERBEROS_V4\\\",\nclevel == PROT_P ? \\\"priv\\\" :\n\\\"safe\\\");\nfputs(in,stdout);\n}\n} else\n#endif /* KRB5_KRB4_COMPAT */\n#ifdef GSSAPI\n/* reply (based on level) */\nif (strcmp(auth_type, \\\"GSSAPI\\\") == 0) {\ngss_buffer_desc in_buf, out_buf;\nOM_uint32 maj_stat, min_stat;\nint conf_state;\nin_buf.value = in;\nin_buf.length = strlen(in);\nmaj_stat = gss_seal(&min_stat, gcontext,\nclevel == PROT_P, /*\nprivate */\nGSS_C_QOP_DEFAULT,\n&in_buf, &conf_state,\n&out_buf);\nif (maj_stat != GSS_S_COMPLETE) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\n/* generally need to deal */\nsecure_gss_error(maj_stat, min_stat,\n(clevel==PROT_P)?\n\\\"gss_seal ENC didn\\'\\'t\ncomplete\\\":\n\\\"gss_seal MIC didn\\'\\'t\ncomplete\\\");\n#endif /* 0 */\n} else if ((clevel == PROT_P) && !conf_state) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\nsecure_error(\\\"GSSAPI didn\\'\\'t encrypt\nmessage\\\");\n#endif /* 0 */\n} else {\nmemcpy(out, out_buf.value,\nlength=out_buf.length);\ngss_release_buffer(&min_stat,\n&out_buf);\n}\n}\n#endif /* GSSAPI */\n/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. \n \n A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4\n protocol packets. \n \n This issue only affects krb5kdc when it has Kerberos v4 protocol\n compatibility enabled, which is a compiled-in default in all\n Kerberos versions that Mandriva Linux ships prior to Mandriva\n Linux 2008.0. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm\n 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm\n 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm\n fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm\n ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm\n 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm\n b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm\n 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm\n 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm\n 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm\n cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm\n d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm\n dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm\n 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm\n 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm\n 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n <security*mandriva.com>\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ\nHsy0RD3h2ilxoUTodKz7J5k=\n=y37y\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\nI. \n\nII. \n\nIII. Solution\n\nInstall updates from your vendor\n\n Check with your vendors for patches or updates. For information about\n a vendor, please see the systems affected section in vulnerability\n notes VU#895609 and VU#374121 or contact your vendor directly. \n Administrators who compile MIT Kerberos from source should refer to\n MIT Security Advisory 2008-002 for more information. \n\nIV. References\n\n * US-CERT Vulnerability Note VU#895609 -\n <http://www.kb.cert.org/vuls/id/895609>\n \n * US-CERT Vulnerability Note VU#374121 -\n <http://www.kb.cert.org/vuls/id/374121>\n \n * MIT krb5 Security Advisory 2008-002 -\n <http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt2>\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n <http://www.us-cert.gov/cas/techalerts/TA08-079B.html>\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to <cert@cert.org> with \"TA08-079B Feedback VU#895609\" in the\n subject. \n _________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit <http://www.us-cert.gov/cas/signup.html>. \n _________________________________________________________________\n\n Produced 2008 by US-CERT, a government organization. \n\n Terms of use:\n\n <http://www.us-cert.gov/legal.html>\n ____________________________________________________________________\n\n Revision History\n\n March 19, 2008: Initial release\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBR+E+pPRFkHkM87XOAQK1jwf/ZDEomMLCZvsmN7KVXa0Il5PqXlfRvG2Y\njdWPUCi92qmgvm8LdqoNgAUxnUGYzCHLQzw8ebmnz37AMigDNsYIzFHStgnoJDVi\niK6UGC6gHLnGJFuG+otEC9jZaVeIiUbKddB2+vzvmDWLnvIsyxzmHf6lJe0IrZlH\nho/cCgpfRctgZHM5Ke+pPPqMjZZ7u0OUQnM7MIcSsZbKxw8x2CyUpaSiheMDhf8p\n8JGyx+nkyvZoja6Ee4WCRq3xtVaUlp/sg8IZYY5nav2VuSh15rJXLJCWDBXUU+oV\naAXPa2JEx5Cn3S0CFz8SIJ4NoLUp09usVMFyeNd57FMBKRjTAC/DBw==\n=4wkz\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. kadmind is the MIT Kerberos 5 administration daemon,\nKDC is the Key Distribution Center. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1\n\nDescription\n===========\n\n* Two vulnerabilities were found in the Kerberos 4 support in KDC: A\n global variable is not set for some incoming message types, leading\n to a NULL pointer dereference or a double free() (CVE-2008-0062) and\n unused portions of a buffer are not properly cleared when generating\n an error message, which results in stack content being contained in a\n reply (CVE-2008-0063). \n\n* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the\n RPC library server code, used in the kadmin server, caused when too\n many file descriptors are opened (CVE-2008-0947). These bugs can only be triggered when Kerberos 4 support is\nenabled. This\nbug can only be triggered in configurations that allow large numbers of\nopen file descriptors in a process. \n\nWorkaround\n==========\n\nKerberos 4 support can be disabled via disabling the \"krb4\" USE flag\nand recompiling the ebuild, or setting \"v4_mode=none\" in the\n[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around\nthe KDC related vulnerabilities. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.6.3-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 3 ] CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n [ 4 ] CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n [ 5 ] CVE-2008-0947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200803-31.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. (Only Ubuntu 6.06 LTS was\naffected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)\n\nJoel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos\ndid not correctly verify certain packet structures. \n\nDescription\n\n\tA uninitialized vulnerability (CVE-2007-5894)in function reply() in\nftpd.c. \n A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function\ngss_indicate_mechs(mi\nnorStatus, mechSet) in g_initialize.c and a integer overflow\nvunerability(CVE-2007-5902)\nin rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. \n\nImpact\n\nReading uninitialized variables can result in unpredictable behavior,\ncrashes, or security holes. \nDereferencing,integer overflow and double free may cause instability and\npotentially crash. \n\nReferences\n==========\n\n [ 1 ] CVE-2007-5894\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n [ 3 ] CVE-2007-5902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902\n [ 4 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 5 ] CVE-2007-5972\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972\n\n\nIII.CREDIT:\n----------\n Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab\nguys. \n\nV.DISCLAIMS:\n-----------\n\nThe information in this bulletin is provided \"AS IS\" without warranty of\nany\nkind. In no event shall we be liable for any damages whatsoever\nincluding direct,\nindirect, incidental, consequential, loss of business profits or special\ndamages. \n\nCopyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use. \n\nVENUSTECH Security Lab\nVENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)\n\nSecurity\nTrusted {Solution} Provider\nService\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-924-1 April 07, 2010\nkrb5 vulnerabilities\nCVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,\nCVE-2010-0629\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4\n libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4\n\nUbuntu 8.10:\n krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4\n\nUbuntu 9.04:\n krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3\n libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nSol Jerome discovered that the Kerberos kadmind service did not correctly\nfree memory. (CVE-2010-0629)\n\nIt was discovered that Kerberos did not correctly free memory in\nthe GSSAPI library. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,\nCVE-2007-5971)\n\nIt was discovered that Kerberos did not correctly free memory in the\nGSSAPI and kdb libraries. (Only Ubuntu 8.04 LTS was affected.)\n(CVE-2007-5902, CVE-2007-5972)\n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz\n Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc\n Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz\n Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb\n Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 497374 89e647e9beec851c340774d758f6d68c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 64960 abc799e9e887480fc993bdba504af466\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 91866 cfb606d8378283313f5009faa2dec564\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 173246 532692f310673efbd4329d0661811370\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 89348 f12babd06a10b951388d6618288b081d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 60786 d11c67185932d0b746584e0406294a3e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 172640 2de487fc075709f917b2396a053d8bde\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 199412 9063aec6b15eab435032ac249f516a44\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 89356 8e603c181d789500185720f8e35da971\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 211652 121558486b173d309bccbe304b8ec550\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz\n Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc\n Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb\n Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 1474040 289fcb9189903998fe6adb217d111257\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92554 db275139f0715242c7f339b0005f7f65\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 107696 5be51db685dc9d9536765a0771e52223\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 94504 4bbe57034a98573f623870361380055d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 136816 71232407545e52025735e7e630496f84\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 472690 7cf30b9521b99808b48879295b579d07\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 183124 34b361091e4883adf77658c04f431edb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 136772 173deb07bb07502e6d16adc880d27209\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 92538 c696e177873d8255183b7cc50576eb48\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 96700 4980c34839066b9866eacb06fb385d23\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 70360 4904070348252bd4bdd692d85af4249a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 66680 36a33a9765740aa2eab16419017562b0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz\n Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc\n Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb\n Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 108010 397c0979124621bde63b49d55df1951b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 198894 971764b78a61757018f675faaf8d13c2\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 76946 85b0519be431be8228d1b8930ca82032\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 137258 6722093f41aea33c126c60594e91aa89\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 1417102 87153ec02650a379e068d91412027243\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 464142 11481d506c939a4595c5d235768692e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 184990 325f5322d631683068bc6ddc6af35940\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 111146 d4464357b86e371914cc23251c2c1780\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 204756 dd5364842f6604199e2d7698334771ff\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 77438 a18355513e1155b4dc997881878ce816\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 93054 29490c704727e89faf1079f1b517606e\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 61274 1b5b021b7e019641010877555e99058d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 73024 607a1edca12d6130393158fc82b86b28\n\n", sources: [ { db: "NVD", id: "CVE-2007-5971", }, { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "CNNVD", id: "CNNVD-200712-052", }, { db: "BID", id: "26750", }, { db: "VULHUB", id: "VHN-29333", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, ], trust: 4.59, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2007-5971", trust: 3.4, }, { db: "BID", id: "26750", trust: 2.8, }, { db: "SECUNIA", id: "28636", trust: 1.7, }, { db: "SECUNIA", id: "29420", trust: 1.7, }, { db: "SECUNIA", id: "29462", trust: 1.7, }, { db: "SECUNIA", id: "29457", trust: 1.7, }, { db: "SECUNIA", id: "29451", trust: 1.7, }, { db: "SECUNIA", id: "29516", trust: 1.7, }, { db: "SECUNIA", id: "29450", trust: 1.7, }, { db: "SECUNIA", id: "29464", trust: 1.7, }, { db: "OSVDB", id: "43345", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-0924", trust: 1.7, }, { db: "SECUNIA", id: "39290", trust: 1.1, }, { db: "SECUNIA", id: "39784", trust: 1.1, }, { db: "VUPEN", id: "ADV-2010-1192", trust: 1.1, }, { db: "CERT/CC", id: "VU#895609", trust: 0.9, }, { db: "CERT/CC", id: "VU#374121", trust: 0.9, }, { db: "USCERT", id: "TA08-079B", trust: 0.9, }, { db: "USCERT", id: "TA08-079A", trust: 0.8, }, { db: "USCERT", id: "SA08-079A", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2007-001142", trust: 0.8, }, { db: "REDHAT", id: "RHSA-2008:0164", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0180", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:069", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:070", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2637", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2647", trust: 0.6, }, { db: "NSFOCUS", id: "11249", trust: 0.6, }, { db: "FULLDISC", id: "20071208 MIT KERBEROS 5: MULTIPLE VULNERABILITIES", trust: 0.6, }, { db: "FULLDISC", id: "20071208 VENUSTECH REPORTS OF MIT KRB5 VULNS [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", trust: 0.6, }, { db: "SUSE", id: "SUSE-SR:2008:002", trust: 0.6, }, { db: "GENTOO", id: "GLSA-200803-31", trust: 0.6, }, { db: "BUGTRAQ", id: "20080319 RPSA-2008-0112-1 KRB5 KRB5-SERVER KRB5-SERVICES KRB5-TEST KRB5-WORKSTATION", trust: 0.6, }, { db: "APPLE", id: "APPLE-SA-2008-03-18", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200712-052", trust: 0.6, }, { db: "PACKETSTORM", id: "64730", trust: 0.2, }, { db: "VULHUB", id: "VHN-29333", trust: 0.1, }, { db: "PACKETSTORM", id: "64729", trust: 0.1, }, { db: "PACKETSTORM", id: "64715", trust: 0.1, }, { db: "PACKETSTORM", id: "64848", trust: 0.1, }, { db: "PACKETSTORM", id: "89725", trust: 0.1, }, { db: "PACKETSTORM", id: "61598", trust: 0.1, }, { db: "PACKETSTORM", id: "88174", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29333", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-052", }, { db: "NVD", id: "CVE-2007-5971", }, ], }, id: "VAR-200712-0604", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-29333", }, ], trust: 0.01, }, last_update_date: "2024-07-23T21:14:23.335000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Update 2008-002", trust: 0.8, url: "http://support.apple.com/kb/ht1249", }, { title: "Security Update 2008-002", trust: 0.8, url: "http://docs.info.apple.com/article.html?artnum=307562-ja", }, { title: "krb5-1.5-29.1AX", trust: 0.8, url: "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=121", }, { title: "krb5-1.6.1-17AXS3.1", trust: 0.8, url: "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=218", }, { title: "1265", trust: 0.8, url: "http://www.miraclelinux.com/update/linux/list.php?errata_id=1265", }, { title: "1269", trust: 0.8, url: "http://www.miraclelinux.com/update/linux/list.php?errata_id=1269", }, { title: "Top Page", trust: 0.8, url: "http://web.mit.edu/kerberos/", }, { title: "RHSA-2008:0164", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { title: "RHSA-2008:0180", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2008-0180.html", }, { title: "RHSA-2008:0180", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0180j.html", }, { title: "RHSA-2008:0164", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0164j.html", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2007-001142", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-399", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-29333", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "NVD", id: "CVE-2007-5971", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://www.securityfocus.com/bid/26750", }, { trust: 2, url: "http://seclists.org/fulldisclosure/2007/dec/0321.html", }, { trust: 2, url: "http://bugs.gentoo.org/show_bug.cgi?id=199212", }, { trust: 1.8, url: "http://security.gentoo.org/glsa/glsa-200803-31.xml", }, { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html", }, { trust: 1.7, url: "http://docs.info.apple.com/article.html?artnum=307562", }, { trust: 1.7, url: "http://wiki.rpath.com/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "https://issues.rpath.com/browse/rpl-2012", }, { trust: 1.7, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00537.html", }, { trust: 1.7, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00544.html", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2007/dec/0176.html", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:069", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:070", }, { trust: 1.7, url: "http://osvdb.org/43345", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0164.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0180.html", }, { trust: 1.7, url: "http://secunia.com/advisories/28636", }, { trust: 1.7, url: "http://secunia.com/advisories/29420", }, { trust: 1.7, url: "http://secunia.com/advisories/29450", }, { trust: 1.7, url: "http://secunia.com/advisories/29451", }, { trust: 1.7, url: "http://secunia.com/advisories/29457", }, { trust: 1.7, url: "http://secunia.com/advisories/29462", }, { trust: 1.7, url: "http://secunia.com/advisories/29464", }, { trust: 1.7, url: "http://secunia.com/advisories/29516", }, { trust: 1.7, url: "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html", }, { trust: 1.6, url: "about vulnerability notes", }, { trust: 1.6, url: "contact us about this vulnerability", }, { trust: 1.6, url: "provide a vendor statement", }, { trust: 1.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/489883/100/0/threaded", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10296", }, { trust: 1.1, url: "http://secunia.com/advisories/39290", }, { trust: 1.1, url: "http://secunia.com/advisories/39784", }, { trust: 1.1, url: "http://ubuntu.com/usn/usn-924-1", }, { trust: 1.1, url: "http://www.ubuntu.com/usn/usn-940-1", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2010/1192", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079b/index.html", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079b/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079a/index.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5971", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/alerts/sa08-079a.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079b.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079a.html", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/0924/references", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/11249", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199205", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199211", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199214", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0180.html", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0947", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0062", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0947", }, { trust: 0.3, url: "http://secunia.com/", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0062", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0063", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0063", }, { trust: 0.3, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5972", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5902", }, { trust: 0.2, url: "http://www.mandriva.com/security/", }, { trust: 0.2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-002.txt", }, { trust: 0.2, url: "http://www.mandriva.com/security/advisories", }, { trust: 0.2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-001.txt", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz", }, { trust: 0.1, url: "http://www.us-cert.gov/cas/signup.html>.", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/374121>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/895609>", }, { trust: 0.1, url: "http://www.us-cert.gov/cas/techalerts/ta08-079b.html>", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-002.txt2>", }, { trust: 0.1, url: "http://www.us-cert.gov/legal.html>", }, { trust: 0.1, url: "http://bugs.gentoo.org.", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.5.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.11.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.6.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.7dfsg~beta3-1ubuntu0.6_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-1321", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.5_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-1320", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.5.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.11_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.11.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.6.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5972", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5894", }, { trust: 0.1, url: "http://www.venustech.com.cn)", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5902", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-0629", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29333", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-052", }, { db: "NVD", id: "CVE-2007-5971", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29333", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001142", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-052", }, { db: "NVD", id: "CVE-2007-5971", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2008-03-19T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2008-03-18T00:00:00", db: "CERT/CC", id: "VU#374121", }, { date: "2007-12-06T00:00:00", db: "VULHUB", id: "VHN-29333", }, { date: "2007-12-06T00:00:00", db: "BID", id: "26750", }, { date: "2008-04-03T00:00:00", db: "JVNDB", id: "JVNDB-2007-001142", }, { date: "2008-03-19T23:37:11", db: "PACKETSTORM", id: "64730", }, { date: "2008-03-19T23:35:04", db: "PACKETSTORM", id: "64729", }, { date: "2008-03-19T22:59:32", db: "PACKETSTORM", id: "64715", }, { date: "2008-03-24T22:48:28", db: "PACKETSTORM", id: "64848", }, { date: "2010-05-20T02:48:24", db: "PACKETSTORM", id: "89725", }, { date: "2007-12-08T01:06:55", db: "PACKETSTORM", id: "61598", }, { date: "2010-04-07T22:25:37", db: "PACKETSTORM", id: "88174", }, { date: "2007-12-05T00:00:00", db: "CNNVD", id: "CNNVD-200712-052", }, { date: "2007-12-06T02:46:00", db: "NVD", id: "CVE-2007-5971", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#374121", }, { date: "2018-10-15T00:00:00", db: "VULHUB", id: "VHN-29333", }, { date: "2015-04-13T21:56:00", db: "BID", id: "26750", }, { date: "2008-10-29T00:00:00", db: "JVNDB", id: "JVNDB-2007-001142", }, { date: "2007-12-06T00:00:00", db: "CNNVD", id: "CNNVD-200712-052", }, { date: "2018-10-15T21:48:40.977000", db: "NVD", id: "CVE-2007-5971", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-200712-052", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos Multiple Memory Corruption Vulnerabilities", sources: [ { db: "BID", id: "26750", }, { db: "CNNVD", id: "CNNVD-200712-052", }, ], trust: 0.9, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-200712-052", }, ], trust: 0.6, }, }
var-201408-0298
Vulnerability from variot
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a program to crash, resulting in denial-of-service conditions. Versions prior to Kerberos 5 1.12.2 are vulnerable.
CVE-2014-4343
An unauthenticated remote attacker with the ability to spoof packets
appearing to be from a GSSAPI acceptor can cause a double-free
condition in GSSAPI initiators (clients) which are using the SPNEGO
mechanism, by returning a different underlying mechanism than was
proposed by the initiator.
CVE-2014-4344
An unauthenticated or partially authenticated remote attacker can
cause a NULL dereference and application crash during a SPNEGO
negotiation by sending an empty token as the second or later context
token from initiator to acceptor.
For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2.
For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. ========================================================================== Ubuntu Security Notice USN-2310-1 August 11, 2014
krb5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Kerberos. This issue only affected Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2014-4344)
Tomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon incorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: krb5-admin-server 1.12+dfsg-2ubuntu4.2 krb5-kdc 1.12+dfsg-2ubuntu4.2 krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2 krb5-otp 1.12+dfsg-2ubuntu4.2 krb5-pkinit 1.12+dfsg-2ubuntu4.2 krb5-user 1.12+dfsg-2ubuntu4.2 libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2 libgssrpc4 1.12+dfsg-2ubuntu4.2 libk5crypto3 1.12+dfsg-2ubuntu4.2 libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2 libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2 libkdb5-7 1.12+dfsg-2ubuntu4.2 libkrad0 1.12+dfsg-2ubuntu4.2 libkrb5-3 1.12+dfsg-2ubuntu4.2 libkrb5support0 1.12+dfsg-2ubuntu4.2
Ubuntu 12.04 LTS: krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5 krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5 krb5-user 1.10+dfsg~beta1-2ubuntu0.5 libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5 libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5 libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5 libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5 libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5 libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5
Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.13 krb5-kdc 1.8.1+dfsg-2ubuntu0.13 krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13 krb5-pkinit 1.8.1+dfsg-2ubuntu0.13 krb5-user 1.8.1+dfsg-2ubuntu0.13 libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13 libgssrpc4 1.8.1+dfsg-2ubuntu0.13 libk5crypto3 1.8.1+dfsg-2ubuntu0.13 libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13 libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13 libkdb5-4 1.8.1+dfsg-2ubuntu0.13 libkrb5-3 1.8.1+dfsg-2ubuntu0.13 libkrb5support0 1.8.1+dfsg-2ubuntu0.13
In general, a standard system update will make all the necessary changes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.13 >= 1.13
Description
Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.13"
References
[ 1 ] CVE-2014-4341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4341 [ 2 ] CVE-2014-4343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4343 [ 3 ] CVE-2014-4345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345 [ 4 ] CVE-2014-5351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5351
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-53.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: krb5 security, bug fix and enhancement update Advisory ID: RHSA-2015:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html Issue date: 2015-03-05 CVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 =====================================================================
- Summary:
Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)
A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345)
A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352)
If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421)
It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)
An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423)
Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)
Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352.
The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including:
-
Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts.
-
When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995)
This update also fixes multiple bugs, for example:
- The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102)
In addition, this update adds various enhancements. Among others:
-
Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)
-
Solution:
All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
ppc64: krb5-debuginfo-1.12.2-14.el7.ppc.rpm krb5-debuginfo-1.12.2-14.el7.ppc64.rpm krb5-devel-1.12.2-14.el7.ppc.rpm krb5-devel-1.12.2-14.el7.ppc64.rpm krb5-libs-1.12.2-14.el7.ppc.rpm krb5-libs-1.12.2-14.el7.ppc64.rpm krb5-pkinit-1.12.2-14.el7.ppc64.rpm krb5-server-1.12.2-14.el7.ppc64.rpm krb5-server-ldap-1.12.2-14.el7.ppc64.rpm krb5-workstation-1.12.2-14.el7.ppc64.rpm
s390x: krb5-debuginfo-1.12.2-14.el7.s390.rpm krb5-debuginfo-1.12.2-14.el7.s390x.rpm krb5-devel-1.12.2-14.el7.s390.rpm krb5-devel-1.12.2-14.el7.s390x.rpm krb5-libs-1.12.2-14.el7.s390.rpm krb5-libs-1.12.2-14.el7.s390x.rpm krb5-pkinit-1.12.2-14.el7.s390x.rpm krb5-server-1.12.2-14.el7.s390x.rpm krb5-server-ldap-1.12.2-14.el7.s390x.rpm krb5-workstation-1.12.2-14.el7.s390x.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-4341 https://access.redhat.com/security/cve/CVE-2014-4342 https://access.redhat.com/security/cve/CVE-2014-4343 https://access.redhat.com/security/cve/CVE-2014-4344 https://access.redhat.com/security/cve/CVE-2014-4345 https://access.redhat.com/security/cve/CVE-2014-5352 https://access.redhat.com/security/cve/CVE-2014-5353 https://access.redhat.com/security/cve/CVE-2014-9421 https://access.redhat.com/security/cve/CVE-2014-9422 https://access.redhat.com/security/cve/CVE-2014-9423 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi gZD8EL2lSaLXnIQxca8zLTg= =aK0y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)
These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201408-0298", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.4", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.3", }, { model: "enterprise linux hpc node", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.5", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.4", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.12.2", }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "1.10.x from 1.12.x", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.11.4", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "linux 10.04.lts", scope: null, trust: 0.3, vendor: "ubuntu", version: null, }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "7", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.14", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.4", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.3", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.5", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.4", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.9", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.8", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.3", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.13", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.12", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.11", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.10", }, { model: "power hmc", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.8.2.0", }, { model: "power hmc", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.8.1.0", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "7.1", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "6.1", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "5.3", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.4", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.2", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.0", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "cms r17", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "3.0", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "kerberos", scope: "ne", trust: 0.3, vendor: "mit", version: "51.12.2", }, ], sources: [ { db: "BID", id: "69159", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "NVD", id: "CVE-2014-4343", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-4343", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The vendor reported this issue.", sources: [ { db: "BID", id: "69159", }, ], trust: 0.3, }, cve: "CVE-2014-4343", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", exploitabilityScore: 4.9, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "High", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 7.6, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2014-4343", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-4343", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201408-251", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2014-4343", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-4343", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "NVD", id: "CVE-2014-4343", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause a program to crash, resulting in denial-of-service conditions. \nVersions prior to Kerberos 5 1.12.2 are vulnerable. \n\nCVE-2014-4343\n\n An unauthenticated remote attacker with the ability to spoof packets\n appearing to be from a GSSAPI acceptor can cause a double-free\n condition in GSSAPI initiators (clients) which are using the SPNEGO\n mechanism, by returning a different underlying mechanism than was\n proposed by the initiator. \n\nCVE-2014-4344\n\n An unauthenticated or partially authenticated remote attacker can\n cause a NULL dereference and application crash during a SPNEGO\n negotiation by sending an empty token as the second or later context\n token from initiator to acceptor. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.10.1+dfsg-5+deb7u2. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+dfsg-7. ==========================================================================\nUbuntu Security Notice USN-2310-1\nAugust 11, 2014\n\nkrb5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Kerberos. This issue only affected Ubuntu\n12.04 LTS. This\nissue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected\nUbuntu 10.04 LTS and Ubuntu 12.04 LTS. \nThis issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. \n(CVE-2014-4344)\n\nTomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon\nincorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n krb5-admin-server 1.12+dfsg-2ubuntu4.2\n krb5-kdc 1.12+dfsg-2ubuntu4.2\n krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2\n krb5-otp 1.12+dfsg-2ubuntu4.2\n krb5-pkinit 1.12+dfsg-2ubuntu4.2\n krb5-user 1.12+dfsg-2ubuntu4.2\n libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2\n libgssrpc4 1.12+dfsg-2ubuntu4.2\n libk5crypto3 1.12+dfsg-2ubuntu4.2\n libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2\n libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2\n libkdb5-7 1.12+dfsg-2ubuntu4.2\n libkrad0 1.12+dfsg-2ubuntu4.2\n libkrb5-3 1.12+dfsg-2ubuntu4.2\n libkrb5support0 1.12+dfsg-2ubuntu4.2\n\nUbuntu 12.04 LTS:\n krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5\n krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5\n krb5-user 1.10+dfsg~beta1-2ubuntu0.5\n libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5\n libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5\n libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5\n\nUbuntu 10.04 LTS:\n krb5-admin-server 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13\n krb5-pkinit 1.8.1+dfsg-2ubuntu0.13\n krb5-user 1.8.1+dfsg-2ubuntu0.13\n libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13\n libgssrpc4 1.8.1+dfsg-2ubuntu0.13\n libk5crypto3 1.8.1+dfsg-2ubuntu0.13\n libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13\n libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13\n libkdb5-4 1.8.1+dfsg-2ubuntu0.13\n libkrb5-3 1.8.1+dfsg-2ubuntu0.13\n libkrb5support0 1.8.1+dfsg-2ubuntu0.13\n\nIn general, a standard system update will make all the necessary changes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-crypt/mit-krb5 < 1.13 >= 1.13 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in MIT Kerberos 5. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.13\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-4341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4341\n[ 2 ] CVE-2014-4343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4343\n[ 3 ] CVE-2014-4345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345\n[ 4 ] CVE-2014-5351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5351\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-53.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: krb5 security, bug fix and enhancement update\nAdvisory ID: RHSA-2015:0439-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html\nIssue date: 2015-03-05\nCVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 \n CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 \n CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 \n CVE-2014-9423 \n=====================================================================\n\n1. Summary:\n\nUpdated krb5 packages that fix multiple security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\nKerberos is a networked authentication system which allows clients and\nservers to authenticate to each other with the help of a trusted third\nparty, the Kerberos KDC. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nA NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO\nacceptor for continuation tokens. A remote, unauthenticated attacker could\nuse this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)\n\nA buffer overflow was found in the KADM5 administration server (kadmind)\nwhen it was used with an LDAP back end for the KDC database. A remote,\nauthenticated attacker could potentially use this flaw to execute arbitrary\ncode on the system running kadmind. (CVE-2014-4345)\n\nA use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5\nlibrary processed valid context deletion tokens. An attacker able to make\nan application using the GSS-API library (libgssapi) call the\ngss_process_context_token() function could use this flaw to crash that\napplication. (CVE-2014-5352)\n\nIf kadmind were used with an LDAP back end for the KDC database, a remote,\nauthenticated attacker with the permissions to set the password policy\ncould crash kadmind by attempting to use a named ticket policy object as a\npassword policy for a principal. (CVE-2014-5353)\n\nA double-free flaw was found in the way MIT Kerberos handled invalid\nExternal Data Representation (XDR) data. An authenticated user could use\nthis flaw to crash the MIT Kerberos administration server (kadmind), or\nother applications using Kerberos libraries, using specially crafted XDR\npackets. (CVE-2014-9421)\n\nIt was found that the MIT Kerberos administration server (kadmind)\nincorrectly accepted certain authentication requests for two-component\nserver principal names. A remote attacker able to acquire a key with a\nparticularly named principal (such as \"kad/x\") could use this flaw to\nimpersonate any user to kadmind, and perform administrative actions as that\nuser. (CVE-2014-9422)\n\nAn information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS\nimplementation (libgssrpc) handled certain requests. An attacker could send\na specially crafted request to an application using libgssrpc to disclose a\nlimited portion of uninitialized memory used by that application. \n(CVE-2014-9423)\n\nTwo buffer over-read flaws were found in the way MIT Kerberos handled\ncertain requests. A remote, unauthenticated attacker able to inject packets\ninto a client or server application's GSSAPI session could use either of\nthese flaws to crash the application. An\nattacker able to spoof packets to appear as though they are from an GSSAPI\nacceptor could use this flaw to crash a client application that uses MIT\nKerberos. (CVE-2014-4343)\n\nRed Hat would like to thank the MIT Kerberos project for reporting the\nCVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT\nKerberos project acknowledges Nico Williams for helping with the analysis\nof CVE-2014-5352. \n\nThe krb5 packages have been upgraded to upstream version 1.12, which\nprovides a number of bug fixes and enhancements, including:\n\n* Added plug-in interfaces for principal-to-username mapping and verifying\nauthorization to user accounts. \n\n* When communicating with a KDC over a connected TCP or HTTPS socket, the\nclient gives the KDC more time to reply before it transmits the request to\nanother server. (BZ#1049709, BZ#1127995)\n\nThis update also fixes multiple bugs, for example:\n\n* The Kerberos client library did not recognize certain exit statuses that\nthe resolver libraries could return when looking up the addresses of\nservers configured in the /etc/krb5.conf file or locating Kerberos servers\nusing DNS service location. The library could treat non-fatal return codes\nas fatal errors. Now, the library interprets the specific return codes\ncorrectly. (BZ#1084068, BZ#1109102)\n\nIn addition, this update adds various enhancements. Among others:\n\n* Added support for contacting KDCs and kpasswd servers through HTTPS\nproxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)\n\n4. Solution:\n\nAll krb5 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1084068 - ipv6 address handling in krb5.conf\n1102837 - Please backport improved GSSAPI mech configuration\n1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly\n1109919 - Backport https support into libkrb5\n1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext\n1118347 - ksu non-functional, gets invalid argument copying cred cache\n1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens\n1121789 - CVE-2014-4343: use-after-free crash in SPNEGO\n1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators\n1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens\n1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure\n1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)\n1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update\n1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name\n1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)\n1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)\n1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)\n1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)\n1184629 - kinit loops on principals on unknown error\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nppc64:\nkrb5-debuginfo-1.12.2-14.el7.ppc.rpm\nkrb5-debuginfo-1.12.2-14.el7.ppc64.rpm\nkrb5-devel-1.12.2-14.el7.ppc.rpm\nkrb5-devel-1.12.2-14.el7.ppc64.rpm\nkrb5-libs-1.12.2-14.el7.ppc.rpm\nkrb5-libs-1.12.2-14.el7.ppc64.rpm\nkrb5-pkinit-1.12.2-14.el7.ppc64.rpm\nkrb5-server-1.12.2-14.el7.ppc64.rpm\nkrb5-server-ldap-1.12.2-14.el7.ppc64.rpm\nkrb5-workstation-1.12.2-14.el7.ppc64.rpm\n\ns390x:\nkrb5-debuginfo-1.12.2-14.el7.s390.rpm\nkrb5-debuginfo-1.12.2-14.el7.s390x.rpm\nkrb5-devel-1.12.2-14.el7.s390.rpm\nkrb5-devel-1.12.2-14.el7.s390x.rpm\nkrb5-libs-1.12.2-14.el7.s390.rpm\nkrb5-libs-1.12.2-14.el7.s390x.rpm\nkrb5-pkinit-1.12.2-14.el7.s390x.rpm\nkrb5-server-1.12.2-14.el7.s390x.rpm\nkrb5-server-ldap-1.12.2-14.el7.s390x.rpm\nkrb5-workstation-1.12.2-14.el7.s390x.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-4341\nhttps://access.redhat.com/security/cve/CVE-2014-4342\nhttps://access.redhat.com/security/cve/CVE-2014-4343\nhttps://access.redhat.com/security/cve/CVE-2014-4344\nhttps://access.redhat.com/security/cve/CVE-2014-4345\nhttps://access.redhat.com/security/cve/CVE-2014-5352\nhttps://access.redhat.com/security/cve/CVE-2014-5353\nhttps://access.redhat.com/security/cve/CVE-2014-9421\nhttps://access.redhat.com/security/cve/CVE-2014-9422\nhttps://access.redhat.com/security/cve/CVE-2014-9423\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi\ngZD8EL2lSaLXnIQxca8zLTg=\n=aK0y\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. \n\nIt was found that if a KDC served multiple realms, certain requests could\ncause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)\n\nThese updated krb5 packages also include several bug fixes. Space precludes\ndocumenting all of these changes in this advisory. Users are directed to\nthe Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the\nReferences section, for information on the most significant of these\nchanges", sources: [ { db: "NVD", id: "CVE-2014-4343", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "BID", id: "69159", }, { db: "VULMON", id: "CVE-2014-4343", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-4343", trust: 3.3, }, { db: "SECUNIA", id: "60082", trust: 1.7, }, { db: "SECUNIA", id: "59102", trust: 1.7, }, { db: "BID", id: "69159", trust: 1.4, }, { db: "SECUNIA", id: "61052", trust: 1.1, }, { db: "SECUNIA", id: "60448", trust: 1.1, }, { db: "SECTRACK", id: "1030706", trust: 1.1, }, { db: "OSVDB", id: "109390", trust: 1.1, }, { db: "JVNDB", id: "JVNDB-2014-003818", trust: 0.8, }, { db: "SECUNIA", id: "59499", trust: 0.6, }, { db: "SECUNIA", id: "60645", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201408-251", trust: 0.6, }, { db: "VULMON", id: "CVE-2014-4343", trust: 0.1, }, { db: "PACKETSTORM", id: "127813", trust: 0.1, }, { db: "PACKETSTORM", id: "127825", trust: 0.1, }, { db: "PACKETSTORM", id: "129774", trust: 0.1, }, { db: "PACKETSTORM", id: "130669", trust: 0.1, }, { db: "PACKETSTORM", id: "128660", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-4343", }, { db: "BID", id: "69159", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4343", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], }, id: "VAR-201408-0298", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.44448256, }, last_update_date: "2023-12-18T10:48:55.827000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Fix double-free in SPNEGO [CVE-2014-4343]", trust: 0.8, url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, { title: "RHSA-2015:0439", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { title: "Ticket #7969 Double-free in initiator during SPNEGO renegotiation [CVE-2014-4343]", trust: 0.8, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7969", }, { title: "krb5-krb5-1.12.2-final", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51700", }, { title: "krb5-krb5-1.12.2-final", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51699", }, { title: "Red Hat: CVE-2014-4343", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2014-4343", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4344 in krb5: NULL dereference in GSSAPI servers", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=35d4f3ce5652ab755f81ed48de881600", }, { title: "Debian Security Advisories: DSA-3000-1 krb5 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=4185a1f803abcb8297ba9b981d24413f", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4342 in krb5: insufficient validation processing rfc 1964 tokens", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=289247c77758756a143eb9a839abfd1d", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4341 in krb5: insufficient validation processing rfc 1964 tokens", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=4d39c93e60e14a46f4d47ceeb92df9f3", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4343 in krb5: double-free in SPNEGO initiators", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9c2c9693f1995e06458de00ef1a741ea", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4345 in krb5-kdc-ldap: buffer overrun in kadmind", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5b462e2e6415f47bd0fd28d7421f6993", }, { title: "Ubuntu Security Notice: krb5 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-2310-1", }, { title: "Amazon Linux AMI: ALAS-2014-443", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=alas-2014-443", }, ], sources: [ { db: "VULMON", id: "CVE-2014-4343", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-415", trust: 1, }, { problemtype: "CWE-Other", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "NVD", id: "CVE-2014-4343", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", }, { trust: 1.7, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7969", }, { trust: 1.7, url: "http://secunia.com/advisories/60082", }, { trust: 1.7, url: "http://secunia.com/advisories/59102", }, { trust: 1.4, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", }, { trust: 1.4, url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { trust: 1.2, url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { trust: 1.2, url: "http://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { trust: 1.1, url: "http://www.debian.org/security/2014/dsa-3000", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1030706", }, { trust: 1.1, url: "http://www.securityfocus.com/bid/69159", }, { trust: 1.1, url: "http://www.osvdb.org/109390", }, { trust: 1.1, url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", }, { trust: 1.1, url: "http://secunia.com/advisories/61052", }, { trust: 1.1, url: "http://secunia.com/advisories/60448", }, { trust: 1.1, url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136360.html", }, { trust: 1.1, url: "http://advisories.mageia.org/mgasa-2014-0345.html", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4343", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4343", }, { trust: 0.6, url: "http://secunia.com/advisories/59499", }, { trust: 0.6, url: "http://secunia.com/advisories/60645", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4345", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4343", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4341", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4344", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4342", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html?%20ref=rss", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/101004185", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020664", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2014-4343", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1418", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2013-6800", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/415.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=35474", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://usn.ubuntu.com/2310-1/", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.13", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu4.2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1416", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2012-1016", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1415", }, { trust: 0.1, url: "http://www.ubuntu.com/usn/usn-2310-1", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4343", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-5351", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4345", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4341", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5351", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4342", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9423", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4341", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4345", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9423", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9422", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4344", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2013-6800.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4345.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4344.html", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1389.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4343.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2013-1418.html", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.6_technical_notes/krb5.html#rhsa-2014-1389", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/#package", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4342.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4341.html", }, ], sources: [ { db: "VULMON", id: "CVE-2014-4343", }, { db: "BID", id: "69159", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4343", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-4343", }, { db: "BID", id: "69159", }, { db: "JVNDB", id: "JVNDB-2014-003818", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4343", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-08-14T00:00:00", db: "VULMON", id: "CVE-2014-4343", }, { date: "2014-07-22T00:00:00", db: "BID", id: "69159", }, { date: "2014-08-15T00:00:00", db: "JVNDB", id: "JVNDB-2014-003818", }, { date: "2014-08-11T13:33:00", db: "PACKETSTORM", id: "127813", }, { date: "2014-08-11T18:24:00", db: "PACKETSTORM", id: "127825", }, { date: "2014-12-31T12:12:00", db: "PACKETSTORM", id: "129774", }, { date: "2015-03-05T21:51:51", db: "PACKETSTORM", id: "130669", }, { date: "2014-10-14T23:04:48", db: "PACKETSTORM", id: "128660", }, { date: "2014-08-14T05:01:49.897000", db: "NVD", id: "CVE-2014-4343", }, { date: "2014-08-15T00:00:00", db: "CNNVD", id: "CNNVD-201408-251", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-21T00:00:00", db: "VULMON", id: "CVE-2014-4343", }, { date: "2015-05-07T17:32:00", db: "BID", id: "69159", }, { date: "2015-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2014-003818", }, { date: "2020-01-21T15:46:47.197000", db: "NVD", id: "CVE-2014-4343", }, { date: "2014-08-20T00:00:00", db: "CNNVD", id: "CNNVD-201408-251", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201408-251", }, ], trust: 0.9, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 of lib/gssapi/spnego/spnego_mech.c of SPNEGO Initiator init_ctx_reselect Function double memory vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2014-003818", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-201408-251", }, ], trust: 0.6, }, }
var-200803-0027
Vulnerability from variot
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free. Vulnerabilities in the MIT Kerberos Key Distribution Center server could allow a remote attacker to compromise the key database, gain access to sensitive information, or cause a denial of service. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. If the KDC receives a malformed Kerberos 4 message, and there was no previous Kerberos 4 communication, a null pointer dereference will be triggered, causing the KDC to crash. If there is valid Kerberos 4 communication, messages sent to the client are locked using a null pointer; the pointer may resend a previously generated response, send some arbitrary block of process memory (which may contain key data), or due to an attempt to Accessing an invalid address crashes the process. If the process does not crash, a random address is passed to free(), which may corrupt the release pool, causing a crash, data corruption, or a jump to an arbitrary address in process memory. =========================================================== Ubuntu Security Notice USN-587-1 March 19, 2008 krb5 vulnerabilities CVE-2008-0062, CVE-2008-0063, CVE-2008-0947 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libkadm55 1.4.3-5ubuntu0.7 libkrb53 1.4.3-5ubuntu0.7
Ubuntu 6.10: libkadm55 1.4.3-9ubuntu1.6 libkrb53 1.4.3-9ubuntu1.6
Ubuntu 7.04: libkadm55 1.4.4-5ubuntu3.4 libkrb53 1.4.4-5ubuntu3.4
Ubuntu 7.10: libkadm55 1.6.dfsg.1-7ubuntu0.1 libkrb53 1.6.dfsg.1-7ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that krb5 did not correctly handle certain krb4 requests. (CVE-2008-0947)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.diff.gz
Size/MD5: 1460317 0090e30287f3448ed9babac78c39d5ca
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.dsc
Size/MD5: 848 237125b6b35a1a059e5573d10fd7c18e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz
Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.7_all.deb
Size/MD5: 853222 dfd657a08b13ce0f3916e49ab8e3ce28
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 190904 e9e05267f551177f3c7cae46fdda9565
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 768706 79270ab27ac164fc4c76822e1dc0be2c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 425714 d8467d288bf46cdfa35ba74e6aa0ff02
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 80378 b2d795bc82f8f962ceff0afdd11060da
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 223230 73161771034af58dc6d0cd0c4be72fa8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 60376 f0712ab86caf1d9d9e52ff3750afeddd
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 135158 34b51b738a69c2aeb9df20e0af93e9bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 85274 265b8ad9968001e5c984743650d635ac
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 67600 bd5c7020310f1bd70f8dc98864c2961c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 129906 0f0383de4d51d8581a260021c3332f72
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 165730 8128a78d17cd98c4ccfa086b390af167
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 647222 96672590753337d39b1aadc24dac0531
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 381120 af9c45400c55b68778f3b769c238548d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 72298 754b91046e7e47bb0f2aa58cd2ca3797
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 187240 d7e5a8b1a077776309282bc328aab885
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 54326 1137dd0e4209cf7edb38ff327feb342d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 121564 9e36fe3a9567176b2e224a45e55017a0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 75920 cd8854a9ae911eaa1c82eaa945b3d175
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 58720 eaf05e05f40183c066e294bec431bc61
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 119078 67a73b248bf33afee23ffb885f5d2e18
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 177716 b834ad9d37a2e3dfa44d086c6dcbfbc9
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 752002 22dd063609b942c4996c56a3f74b266c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 395914 b4fde9f81a08aa112f48b38f1d7faf9c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 80530 7e55073ee6b67ba12f0ed48d0137e73c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 220582 482d21e5007a1876bf6af64e434b4942
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 59574 4f47514f7992a292c162f40f8a174ee6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 135962 0e23ea255a84c3a580e0d7e6b0da9546
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 85120 e07cf29268ba053833122cca9ed79d8d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 65990 3c4f25017e0760f4dd10404e604087a8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 134952 7096226ce8ce15dd20c6ed933888d56e
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 165278 5c8580725c8a200f24173d38dfce388e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 678538 4002d8655a43f5784d5e9c95bc5b4f76
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 368726 5ee45e24f0ac54d79a55c20674b2887f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 73042 672530bb7218c04a67e23d1053757050
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 197404 ea257178102f6b7732ef12538ead3e24
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 56304 855c59021874c714bd4e2605de10d5a6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 124374 7d8f7f84b2c1648b63129ba342389d75
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 76922 142ed0e2c119d596c5437ac8f9042064
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 62350 db681a03624a21a34425fea9f6fa9ade
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 120620 ebe2ddf8dc131cf6e3322e1cb125f2f3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.diff.gz
Size/MD5: 1481707 dc6dd5cd6d4a125e2fa70b9ebc3f8b12
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.dsc
Size/MD5: 883 8fdcf0af1cc631c882a44ae0214e0b6f
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz
Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.6_all.deb
Size/MD5: 853934 f3a7a044bedb974b32a46708774ec894
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 190826 7772b734a889ea97cf052de39072cead
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 1073390 bedf0987fe159bc38c30663ad966d0ac
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 772708 5cc8e489a0f6fcca17c3e0d8b9588879
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 428050 11b4c2211b18453bd2a662a297569f49
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 81790 06f349106755cc19cfb3f29fcc7228f8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 224408 59491e595a544a84463a6deec8305f66
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 61620 f58dcb4c09e4c96f3db5bfc8172fdffa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 139116 31943a9766f657fd47ac1aded48d49d6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 87426 1033408d2692b38926947f8ae85e1515
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 68116 291db335b868748c933a7c67e6add6a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 130628 a2cb3cd3ee9ede8c3c10e695fd8148af
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 173062 e15aa9368fc4e4ef4562a23cc1780484
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 1024998 798f81a00c59842cbc2c8ea8cd4b9a5e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 673152 671e72c1eb7645dfda924c77949610dd
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 404172 445f952e23f810f6de10773a01fd68ae
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 75380 0b3cd4b087f56ebdd527d61194cf7fc0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 196506 bff3435e0da9aecff7a26d73e712937f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 57136 3fafa3cd2cd2792e740c4d6976a881de
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 129352 7e190df154981717bf711697c5042cd4
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 80102 94a76cc7807e9d6598b4a452a7fbb738
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 61928 b7fdd344e683ce45be88f8fa43290175
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 122208 eb1ec6653d6d790e23dbcc14cd98f5f7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 180126 f8e5d077ee06234bbb9881beb9d49f36
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 1076974 4752e5e87fdcd67fcb0f1ee2c35ddf80
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 758400 73ed6c35fbdcf1866a65a6198df8ca82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 399112 1fdd3a0a2a45bd410a1f4e72713a0e1e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 82420 446cda40d1590c088e2fc83118a58e13
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 223182 8e6f5f3062fe3cfb113db73bc8a1a89e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 61826 b4ad931a1a1d48b668a972893502cd67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 141210 8892626a667e0010a0cba8fe19df958f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 87318 c7306114bbb195c221962abc469a1d42
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 67222 b99ea3def960bdc849376c508e263f0d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 136888 1c651e27011fa9c25ea87960b40ffe1b
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 167176 0f2f57754f3e012257a6fef890a23767
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 957816 2ef6010c70801e7b0dd5e633a08e3fac
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 685238 a68016ffc9abcd0eab3f7f1ae323e83e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 374074 d5ff62adb392f5be8b29c2e1056f6f92
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 75210 9611a07b489b518605a9550b27b3dd7c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 203684 89d989c5db437eba6e9e56fc9bf7dc93
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 58980 b9d7f11d5c491595c90006ae7c039935
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 129664 acf15ad70331066092154952cbd7754a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 80428 8409c34ee32612d48e8936618118bab7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 63612 64b2987c2aee57159bc092c5fe37a25b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 122730 95db549e03f3bc30995d566f8ea7edac
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.diff.gz
Size/MD5: 1589880 e20eef948656a29a255b557af6e7817b
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.dsc
Size/MD5: 968 971223b33ae8631f013c20a3c8867805
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4.orig.tar.gz
Size/MD5: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.4-5ubuntu3.4_all.deb
Size/MD5: 1806176 c34d13b6877a21c426a85719a6ecf6a0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 194368 2b6345b614c38e353a3ec4abd2957e6d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 1076886 d4e2d9d77afd78df99d96a6541730527
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 772608 c3f93d5b94e84df6faac86b701f9836c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 436580 f7e6430bf6f628592596b44e7341af30
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 83772 ad232225b5bbc88f1e0f5bd55916de24
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 226770 34e47342c392be9006254e15fc0258e3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 62258 c71fecc4d7bd6e3191c08a19cbf07aa5
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 141840 33ec180078e9b8e1f80fca5f26c1d558
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 88380 64572d633f1a84999b2205bd6958206c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 68890 dcabc2bcaac75b7e226c9090a82207a0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 132614 f129069e4dd68ccf7801c717603713ef
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 176870 9e0e200bdff3119ef8488f9a5bf62e7c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 1031008 8a80209f195b2eb787236e0dcd8aaa23
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 672020 7b5b4e1643b5802b2bbfab006d0e6d7a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 412036 213c308bef9eaa6762ab755da6e7442a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 77328 295e5ed2c0c2366fc6b3d343607ae431
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 199040 1b0a50f1bf8e421d9838acea254c6c26
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 57780 96ae66401532d513b4333c3429f6e2eb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 131900 fc29493488e6311a94cfa5ec2c5ac7a8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 81008 0c2bd14ee6534cad097d5d80200cc94a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 62650 8d1f1316f52fe066626f0fde07f8b990
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 124088 de985ccf04486e2043c2324affbb18af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 194590 f63db5ccc5825220d5014b1d7eda0ebe
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 1082008 3501eca4bc0d14b39fbc662ee20ab7cb
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 757006 169816425e730c69266d39518fb718f8
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 429982 24a79674c75e6f9731d34468ad86e27c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 90254 936f19b572498c2de200fd3e323657de
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 240274 eb844e20839937a3ccad330429ba1840
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 65452 dffc482a088d83a0100e78e69f332bb8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 153794 308fc25b452cb374f7b45a472784761b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 96692 9566a692d6f8a6d47e9f60e25d13927d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 70680 4949b60728fc08134113f744738a293c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 150262 dbf317c0added0c3faae6710b8026fc8
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 170940 967a1344994914065dc904da571a2aef
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 965784 bd503df54b8c9afcb4e5a6a375ce7fa8
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 683396 939cb2731116dc8718ea4ebc996b5c7e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 380910 5b46d8169ecc2409caad5dd4feacdc2b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 79084 e3da961bcea67ff2c217008d141075cf
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 210904 688aeb4162f4dcf86768ddd299cf6625
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 60996 e20fcf5e2b4bab548fe8e0836aff86eb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 135846 55612458a19bd82331991bbb672f74e9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 84546 f1fc527ed376549516113ae94ca7d0fb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 65282 7726043628cc103faccb839be0def042
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 127130 edddba0066c5bab862847c750a231a51
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.diff.gz
Size/MD5: 1674637 40fa0c4bdf307c7e5d9509be9870434e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.dsc
Size/MD5: 1044 2c6766c8721cf2e3caa259cdb5badf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1.orig.tar.gz
Size/MD5: 14474321 8f8d6a494380f01a7a0a9236162afa52
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.1-7ubuntu0.1_all.deb
Size/MD5: 2076606 1c021446b5f479717a4998df0f87f205
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 165034 78f040deebe1683f8966347e9896fce8
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 1308970 04db0004a99e7e0d01b37d922f47df1e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 88606 6509d222135bfaa05ebf79db1f63c2a7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 493016 54a329e5f8464d5f519ac225f4d5d778
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 87824 cac8d5d1297bb71c52a877cf0b85c393
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 228534 d6c15467cf49d74831ac0ea494eec6f9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 65864 563aaa90bffe6ff07ff8db56cff826f8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 185182 e1f4910f7b6fca6655696a0bb7169d7b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 91334 c1c20f704f98f19212cfa70ac9edf193
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 72950 de7748ddb5f7cd3f0744eb77770fa3e0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 137592 99c3b6d671ae7f0439f379d5b2688659
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 148364 a3e27e81c7e81f627d05c708faae402d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 1266912 2696e89ea8cf6e857e36ee740fb65ea0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 88624 9970f2076c76427dd0cbf217b6a6bba0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 462068 bd3623332d7737858d0fe5918ef8838d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 81192 d4a4e0e7358f626abc0dbb81575071f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 199624 5a24164123aaea818f2d40c41186fdf7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 61098 8cc21c42ff5dd534f7158c4c750a498e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 172178 319f2ba5ea41bb97a125049f17154ac4
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 83634 049a305ea62a45ec23b65dbcd04e85fb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 66538 a0c51897ca2c55ee7ec2447465121f5e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 128624 df48b843cf7ab20fc4696d36bba2fe6e
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 162676 0c11613a3d49190eb92074c27833f4c6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 1320150 c2a537a9acf0ebf7b08764506136d37e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 88634 eedc4522ba18dfed6fd2483cf8dd0379
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 482868 4d015493346726e61cd0cf9525e2b1e5
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 94492 50526cbb8952316a7b9195edcf148fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 241802 99608692096cfa0e88372013a1b41517
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 68960 fc1d60376ba03106488b098f4b5ea624
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 198522 24b5f7bb74e3d978888dd1cdd065f881
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 99412 ca441f559a1e11b55c3ef52c54ede8ca
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 74666 0657bf76d80f969330c5391d65291baa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 155750 967a3ce3bc4fe5383a2a4f6a54ac686a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 145672 b78635a0dbdb4d4d76c7e6d7ee4cb2fa
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 1200060 c280c5257a62a657ba79ac09ed62e4ff
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 88620 9b75ff80509a5b3435f7d6f30b19ac9b
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 431168 3c7606d6ced441110ab47b16de3542fc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 83030 cc47e0b9c435c5802a2352cb203c435c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 211104 bed40b53469b42c5a65a1f0640ae4d2f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 64404 13877024ad747d0ce0a696210217f170
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 172948 8fd8903c9b1caa12ebe73c7c6f86de98
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 87474 c3f94c62f987a7a6d50f9d5344e59cff
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 69196 97040973c460c004ee83b7ba19ddfc88
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 131692 c12abe7485457bcd0ebe5cf3ecfcc850
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1524-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans March 18, 2008 http://www.debian.org/security/faq
Package : krb5 Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-0062 CVE-2008-0063 CVE-2008-0947
Several remote vulnerabilities have been discovered in the kdc component of the krb5, a system for authenticating users and services on a network. It is theoretically possible for the exposed information to include secret key data on some platforms.
For the stable distribution (etch), these problems have been fixed in version 1.4.4-7etch5.
For the old stable distribution (sarge), these problems have been fixed in version krb5 1.3.6-2sarge6.
We recommend that you upgrade your krb5 packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian 3.1 (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz Size/MD5 checksum: 6526510 7974d0fc413802712998d5fc5eec2919 http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz Size/MD5 checksum: 673705 93382126a3c73ac44ed7daa7d85f166d http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc Size/MD5 checksum: 782 0391aaf485ef1636ef18c6ba183c3fbe
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb Size/MD5 checksum: 718916 ca2fb37b53a19207f1e1f1de90c4c1f3
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 137834 d43e9d3f3ef65fe8c8cbbb7b5dcbd144 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 177730 947fb82dd795f9272935ea4cb027e543 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 124864 4f1d0aa9d18013023f4a9f2b9a10db65 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 104886 15037693de0d9dc27460d713b547872a http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 63606 c4cfe2b01bfe0b579b216210817c4fa3 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 369420 c8d1eaf98400880ff82f727fe20f90cd http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 82806 30230dfe2605b88fdeac8811d408acdb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 57048 741292984684fddae11e130dcd388161 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 652378 d8f3493f4354e0b3717ffc72d6592b88 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 216990 0df13c59411cf57b86bd94e250cf458e
arm architecture (ARM)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 115684 ef39b71c5ecf4187e24d27c1111c9a54 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 633330 08566aa29ab8d56e26070137a16731a4 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 158874 4f60129aa092ea3d750deb168299abe7 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 54134 e23173f4ad3a59af03fbab0369a714a9 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 58252 255394fcc06d13b6dabc2e87c91dac02 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 198848 aaba0529c817ff11728515f5a116f71b http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 126814 85d31333aa01c4ab1f7b14ffaaa4c08b http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 74940 706b7cbfb01d66cbdb371a9019b3f725 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 329190 a661364db9bd2d5c5340a0c6a5c939f4 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 93938 04dc96993c79d0113a0626a4439c8cbf
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 125154 afd4a9608fff5b1b3e793881bb2c9c2c http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 64286 b85cf8b5680c12c093ff34150623a3a0 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 59368 3df43bbb40e060d0522495ff3e78412d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 669644 50027bd1d314e911c4a91647989fad1e http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 104948 a013d1818ed8d6dd7d75a8ac11e795f9 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 187304 401a8e21722c104f3d3aae86cf3640e9 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 383876 d50afad26c9a0416fe47dfdf5ff649f4 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 81992 b6c84f121f66616f578b13a3f0c654ca http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 139202 4972377b638f980ad757128f14132874 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 224154 8a8436e210dd8892487ea482a1de6522
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 116324 445bced4eb764a78e51b68e4d7558363 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 574784 40fa136876b3219e55de089340c0c85e http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 52890 a6ae74be5b338ab7f215d0846353833e http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 165726 4b2485d3b8a50cd61ffcd2e0748d70fe http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 349416 2f33d4592484a2adf276fd29cfe9d728 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 127878 7232e14b8bc1d78fa4346b4ed393a3b9 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 95656 00f7666dac13adf2a7bfc81c9d801f2f http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 191526 d8613e5a3d87838ee7155f54c1c12f3d http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 57762 2baa509aad5f6b837753e5a3e65e63f1 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 75890 5e52830c36794bb8ed2cdd14611ec690
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 134332 473be671406f747295c4a94d3f2ca3c5 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 289396 c95c79f18a2a8cb78131a35073c09ebe http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 890018 a9ca82650f5f96ac66d2b4436b0d1345 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 167350 f448dced91316668c1d33d6a0776eb2c http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 240384 5dc95c9ea35a7b052041e177114c5acf http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 79982 8980a39a06eeca5ef5adb623786742a2 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 73692 039a88dc8793fa4de6e461408cde62bd http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 105008 273a9dbaf7a4882f39ebd9de527f76fb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 502382 97f1d32991c1778752bad887f4029990 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 165288 7d2e3c354cc50db22fc34a396902690f
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 71116 2f35c57d9f24856b013e27b0eef24a25 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 516020 203205bb2e6f66161c2aa98746687190 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 49768 39d4529ec4e27e2fdc75de762c5643fa http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 107660 0659ab018fbf062504348fc63ef97cc6 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 147864 b86ebef3ec1541aeabc20be31e503049 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 305872 1fc4f6385b5196c1c892731eac06f5b3 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 122106 c60b71edc9196adda91d40c4b84a908e http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 174180 6d750c072a8d641bd661ea5c688199f3 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 53478 74055ea66e27e24d79c824691da8fe0f http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 88692 074a5c747c652e7ce8d911077ca5586c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 145108 f432457761497dcfd8e1ba6fe7ac43fa http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 164386 512e3b183ffc5f121f82981f32235377 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 57750 d827cf9980ed4eba196dedf93e7d9b5d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 680860 b4718176172f14d54d2a4662ae28e534 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 128738 a9592a522e7cc0f6db4c121ac04db438 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 65060 9b5613121aff8f341cb2dc3786b28d78 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 103404 eb3ca8cddb900bd4dfdb10b67ca9622c http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 225708 d09d386a5705b48584ffd51b0127883d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 355178 359ca6a220b6a9e7af7b949e7a64fb5d http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 80956 407fec89580608afebb4ff89d95bdf72
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 146678 76f8820a81a1c068ab60348f1302d087 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 103808 db8b0c06f58646093ca80554061cc0d1 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 65266 c27b18832cafb60109ba97e529706a53 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 226540 0ddfa3be4f63eeb0066682928c193996 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 82060 2479f67cadc3533fb499507fc1977b5d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 355120 d1644230bb4cc0788a04f5f0c8eb961c http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 58164 5dcd7db602701983272b2fbb0db88864 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 130098 472042e34a7ac48352205df510767ddd http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 165632 3074194d27a16bd4e737a9462d6a217a http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 682776 b0046283d8860fc6c8fe968b335ff463
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 61758 9496fefe85772ad549b84ae523c56e77 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 217812 c5aa73b8513a3698002cc3cedfeff012 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 105320 3677c003bd4c271bbe3daef5cf8f52df http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 143838 61244dbf640bd19ee1cc738ee7b44b34 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 57018 9afa2ba534be545b9d76d1f69c8e5468 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 165746 74c29add119101782727226dc9200db0 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 634906 93dd67378ead6cb763cc304516cbf632 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 353104 c5b16a1f26d01435b2bcb540b5b97730 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 82702 f728717a6a25b233526ad69934e376f4 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 126246 da0e3adca803929ae44fad884949cbe2
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 214176 9c4b2684ce790d6544d078efde32f5d3 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 132996 1ed627f09d5b25bb3eaaaa4148207d7f http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 63428 332d6f0c94eabdca1df666a3ec0c6184 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 57214 f518a8dd4336c3916bb8c533bd8b6301 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 624898 27ed5f1406b97c3a429ed6cc41a5421a http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 99652 0e49258823390960faaf06522ab8f1cc http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 376188 ec0fdc218fbe9c53fa5aaec87667b5a7 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 82370 3a26a1e22c24add8b16498a641444a77 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 180336 34967e4eb80a75b18a23a9f3bf05bb5f http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 121318 883136f99bce1a8f9f413dc3d68f5762
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 576786 3c142ce93bd9b408ea9a6d6046e3d067 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 58950 91be8dfc1160f334f0ed514eaeddb3c4 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 53520 89ceeef920ad596b129365a1f6876818 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 73596 cca4a24557097c3be9dc611d686d0688 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 93348 0a954f5b7f637eeaea3b656699314b99 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 114068 e7a1986874465f458987516f27a705d1 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 157712 2c8a0b75fc4982ee9265d2dd8cab2cc4 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 126780 d6faa238b06d1ff65c6b20b54c7b4fac http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 194584 39322280b333988d5cce973c7c00cdad http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 330436 27d8b24e5a2bbb57d8078c7b1d391d53
Debian 4.0 (stable)
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc Size/MD5 checksum: 876 e8f30ac6b710091985a2b669632ca174 http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz Size/MD5 checksum: 1590551 c7d7bfb6aa34876ec8b5d0767ed65c2d
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb Size/MD5 checksum: 1806352 0e3b03d93b1a62a41f9d004d3f6a69eb
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 76136 61c8f8b99cd2c5e08fe20121d5a33119 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 461032 12fe64d352941f674f01b875532ec91f http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 91648 ee8cf04beb8687f4afc0684fbed232e9 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 1087614 dc627be2679028513f541ab0db184758 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 245650 57d128cab47e74d75ad56da8b81866fe http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 154868 4cac528d66a64df26a385bb15552061c http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 136110 a0d904994baba8064c640014e238020c http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 216328 7e96a8117e5397282f9027dc99fee308 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 89690 a14489d539fc5274175e92b8c1f99cc4 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 65866 c153e17e3514e566d1b719bd4941c3f2 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 1017046 543b2403aee468ad0a1692708de9a587
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 83852 4e7e51683f130dfdbaaaa2b6bbdfd70b http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 61474 5ed45d3180ad5cda0839f53d8d9fc716 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 768634 4f227f866f481d0a11a90b1a41d14bbb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 141926 5944b339ff70c630a2d04026dc8a436c http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 68170 d5b5cc9a99c26889dcf685f88cc92a9a http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 129822 8f01b6b85827382fcb2ac54b561a1ec0 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 222262 b16ea5bddeb302c73844a465d5b27020 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 1072208 5458abcef1aa9174a703a51d9910bf42 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 190378 b663d232374d5d8ea6a1aeb6596e1e66 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 426424 39665f5600ac062e43d78823f79016a6 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 86108 786e35f5915b137445eb034ef1f53eee
arm architecture (ARM)
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb Size/MD5 checksum: 1013602 3087dae461053141fd9099ba1bf1f520 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb Size/MD5 checksum: 63418 6d76005bc5336972fff07aa9961bcbca http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb Size/MD5 checksum: 682712 20f548e7e7fe59ffc450c46c58b73fd1 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb Size/MD5 checksum: 136110 b1774fea7cea371790dc1d7b9a293395 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb Size/MD5 checksum: 173154 785af0fd07d78658edb4a4c25082ca22 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb Size/MD5 checksum: 59834 e369f2b68c8090e91191718d207da76d http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb Size/MD5 checksum: 206238 c69f58637e68a2d455750e32b5b770c0 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb Size/MD5 checksum: 390054 b972d264ad97b69120ee4e4d898f3055 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb Size/MD5 checksum: 81426 82979ab1f34edf407dc1a32f4be2a911 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb Size/MD5 checksum: 123540 f9534a82bfa054018029c9a3934fc121 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb Size/MD5 checksum: 78826 62163e751d27902012a16758fbbf67e0
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 1050680 8ea8f26032837464c794e615623ac59e http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 87564 ec92090e89dc2c03500c52cbd188e4c3 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 441724 6cc26ce6c3e4fa233222786b15bc08ac http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 64206 fa4e68946117f10d2dbbcea75fabe5d0 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 132802 23e6e453b5943c8df76fd87a18fe2182 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 85370 9011819683422a091d363e0d0064e82e http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 815220 652f24a16193c3d8bf9f128000888850 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 145028 88cb8fd42c037cca495bb200a8d5bacd http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 69692 0ce8e82456cc62420ba31f7ce0aa3a39 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 201216 b7aa6c970117a632b2e60d14829ba7b7 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 232082 7a823371e31f4b3e937a4e9d7a83d09b
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb Size/MD5 checksum: 80306 8c8461beb8bd866080134bf1a25ef557 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb Size/MD5 checksum: 62446 22a83f7567df841b9f34ffc133534a64 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb Size/MD5 checksum: 133360 5e72e490c20ac03f49b7fd6921047048 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb Size/MD5 checksum: 680166 991c24aa3b8e2d82f07e49865d70119b http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb Size/MD5 checksum: 408376 f375a2157e2b1de2eadecbb2f03c8637 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb Size/MD5 checksum: 174112 f9efe4ee2c52dba6806f548d778e0f53 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb Size/MD5 checksum: 58050 b99734e1b92043a8cc816c588b04fce5 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb Size/MD5 checksum: 196558 0b03b5d3920efa1c5efbf8cbe3901f15 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb Size/MD5 checksum: 124206 21cc6d63e1eeaeb9deb70e227d61d84b http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb Size/MD5 checksum: 1037936 a1a2470171c5403563ed285be9caaa9a http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb Size/MD5 checksum: 78598 80b9f57c39a90e17b67480271ec8cc2a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 305920 940370e13598d9c00b123f97aa3f09ad http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 164602 6dd81cf1a5487ad63e2ab3cf1ce342f1 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 112994 4ccb79847d301064e5e6496f2577b5e5 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 80324 88cc01f93ed8fe3b9c9861176050f004 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 105592 8745ddb42d7cb7afb95ef4f946a26c60 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 1088562 0d2cdc97965b7827a78bca972aed38fd http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 91338 40c9d44d05f3262c1a5d6950c4255e16 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 269600 4acf36a3831bd4d2bb0af4d9130d0f27 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 1043576 6e487c186d462bc98b8ccdfbb5891324 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 190500 4cc37a9cd6bb13da4ca73f87b60738d3 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 592208 ac3bd63fc244d99757d33c8b8fa8f745
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb Size/MD5 checksum: 71184 99f78076e71ddc74b7809de695945048 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb Size/MD5 checksum: 128534 d08156f659ccfaa953e612ab0f1be1e0 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb Size/MD5 checksum: 86416 a0ccc69288f43974099646a0b4df2702 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb Size/MD5 checksum: 807408 caa736a161edf63d4b7b0200642293cc http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb Size/MD5 checksum: 81794 820abd7cda885cfbcd651eeb819b6ea2 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb Size/MD5 checksum: 176908 eb82211002e6f5fa451b8c6fc72cd8c5 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb Size/MD5 checksum: 230468 6498dab212c73d4c618a77b105d40302 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb Size/MD5 checksum: 389766 cb2be7e8aa8890f3011c7721474048cb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb Size/MD5 checksum: 145004 1d8436cb03bf8df56127ab37a1787096 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb Size/MD5 checksum: 62920 610d234fcd0e209b0d2e6c0f3be39f6b http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb Size/MD5 checksum: 1112710 5b98f43fa267c04b32bc96927ad868a2
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 87478 dce62567d27548de56ad38615fd5a8fe http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 71596 8cfffdf23386228753133a6d675a75dc http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 131106 22011c6b9dfeaf6318baffbb40b4b005 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 63834 9a2e78369d8fa1d0d8688eb48e443518 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 810348 c36eb2099ac9fd31e57d5693ec8eb92b http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 82652 3699856d5fe3d28c74e0e66469d05859 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 1087382 a5cac22f1da48cbb4c80f7f736b70b2f http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 179494 4a1d3e8cc558c330b9f4a6bded87913b http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 145716 1f45bb37dd7e13ea4c6b21f52c43c657 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 232788 88bc4c67b09b541769a7a00abc5d2688 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 391848 05272bb8eb78e5e3fa374c9cb6597403
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 222776 d87408739c95de5b207a88550278a0d0 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 1083104 a5a89067cd381199a75e9751be977884 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 143844 488e4411a9d507c14961e8c1a867a18b http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 84364 fd1d52f855615c98fc8d207dcea36d2f http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 137308 16ac4ae9b3a4eec6e584d4b9902771ed http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 399370 2c4951062f1fa124af1a36a8b0c1e761 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 86864 33e72918f1ae2f968537d4e3328237b8 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 67384 3547b618672d7e775018128fa421551d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 753506 cdc2c41be06d280160c3f7ee8b7f3417 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 61930 dad1ac368a357004137a4beaf0a4f8ba http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 179574 499b4b287b5726f7a8afea620d5606c5
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb Size/MD5 checksum: 63392 7e446e33886543cc1432026dbde49ea8 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb Size/MD5 checksum: 87886 02735411cb4acaa71b8aa72bf7d9683d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb Size/MD5 checksum: 438990 5aacff7c6ec54f708cb98fa0718bfcc0 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb Size/MD5 checksum: 129266 31c153db1328ee93b97e64bdb01a3cc3 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb Size/MD5 checksum: 195506 d3175c75393ac80363919b170e1446e0 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb Size/MD5 checksum: 1073530 ac4c767b43f20d304e9683ebfddf3a68 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb Size/MD5 checksum: 224438 5a59744997773137c0409af842e7fdf0 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb Size/MD5 checksum: 68782 57ed0962a4cf4f2f7c7d60edf52449ed http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb Size/MD5 checksum: 140470 8fd23a0ec4c4b5c81c48d7b0228a5fa8 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb Size/MD5 checksum: 82118 7a84a0ceeb5110380a231be90d6f36ce http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb Size/MD5 checksum: 733368 6a3ea5e404cebc11888aaad6fdc2cedd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 131724 561314d157da780fc7de7c06524e8a3c http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 77124 6de298978f0404514a0b16d863efa276 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 961534 754258b22c1eaf83c3167775c3138a58 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 372674 20c48448253a262988a3ca876cfb2931 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 123040 00e2f8c76353547804f9ff516de1f65d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 680434 6bf7c8d82d481a8d6d9d784f5ed617ec http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 58242 f7e89e959e30e2bd36ac3ce1191a7711 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 63800 21beab0b247e7bdeea2004876f388c59 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 166710 b5127d835935bee8ce49a1154e5fa2eb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 200282 49524ee10fb4d4e7be223a1f25dffba7 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 78204 2462352e5493e856bd8a784ca49f95f0
These files will probably be moved into the stable distribution on its next update.
A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets.
This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
Updated Packages:
Mandriva Linux 2007.1: 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2008.0: 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ Hsy0RD3h2ilxoUTodKz7J5k= =y37y -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2008-0009 Synopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues Issue date: 2008-06-04 Updated on: 2008-06-04 (initial release of advisory) CVE numbers: CVE-2007-5671 CVE-2008-0967 CVE-2008-2097 CVE-2008-2100 CVE-2006-1721 CVE-2008-0553 CVE-2007-5378 CVE-2007-4772 CVE-2008-0888 CVE-2008-0062 CVE-2008-0063 CVE-2008-0948
- Summary:
Several critical security vulnerabilities have been addressed in patches in ESX and in the newest releases of VMware's hosted product line.
- Relevant releases:
VMware Workstation 6.0.3 and earlier, VMware Workstation 5.5.6 and earlier, VMware Player 2.0.3 and earlier, VMware Player 1.0.6 and earlier, VMware ACE 2.0.3 and earlier, VMware ACE 1.0.5 and earlier, VMware Server 1.0.5 and earlier, VMware Fusion 1.1.1 and earlier
VMware ESXi 3.5 without patches ESXe350-200805501-I-SG, ESXe350-200805502-T-SG, ESXe350-200805503-C-SG
VMware ESX 3.5 without patches ESX350-200805515-SG, ESX350-200805508-SG, ESX350-200805501-BG, ESX350-200805504-SG, ESX350-200805506-SG, ESX350-200805505-SG, ESX350-200805507-SG
VMware ESX 3.0.2 without patches ESX-1004727, ESX-1004821, ESX-1004216, ESX-1004726, ESX-1004722, ESX-1004724, ESX-1004719, ESX-1004219
VMware ESX 3.0.1 without patches ESX-1004186, ESX-1004728, ESX-1004725, ESX-1004721, ESX-1004723, ESX-1004190, ESX-1004189
VMware ESX 2.5.5 without update patch 8 VMware ESX 2.5.4 without update patch 19
NOTES: Hosted products VMware Workstation 5.x, VMware Player 1.x, and VMware ACE 1.x will reach end of general support 2008-11-09. Customers should plan to upgrade to the latest version of their respective products.
ESX 3.0.1 is in Extended Support and its end of extended
support (Security and Bug fixes) is 2008-07-31. Users should plan
to upgrade to at least 3.0.2 update 1 and preferably the newest
release available before the end of extended support.
ESX 2.5.4 is in Extended Support and its end of extended support
(Security and Bug fixes) is 2008-10-08. Users should plan to upgrade
to at least 2.5.5 and preferably the newest release available before
the end of extended support.
- Problem description:
a. VMware Tools Local Privilege Escalation on Windows-based guest OS
The VMware Tools Package provides support required for shared folders
(HGFS) and other features.
An input validation error is present in the Windows-based VMware
HGFS.sys driver. Exploitation of this flaw might result in
arbitrary code execution on the guest system by an unprivileged
guest user. It doesn't matter on what host the Windows guest OS
is running, as this is a guest driver vulnerability and not a
vulnerability on the host.
The HGFS.sys driver is present in the guest operating system if the
VMware Tools package is loaded. Even if the host has HGFS disabled
and has no shared folders, Windows-based guests may be affected. This
is regardless if a host supports HGFS.
This issue could be mitigated by removing the VMware Tools package
from Windows based guests. However this is not recommended as it
would impact usability of the product.
NOTE: Installing the new hosted release or ESX patches will not
remediate the issue. The VMware Tools packages will need
to be updated on each Windows-based guest followed by a
reboot of the guest system.
VMware would like to thank iDefense and Stephen Fewer of Harmony
Security for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-5671 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
Workstation 6.x Windows not affected
Workstation 6.x Linux not affected
Workstation 5.x Windows 5.5.6 build 80404 or later
Workstation 5.x Linux 5.5.6 build 80404 or later
Player 2.x Windows not affected
Player 2.x Linux not affected
Player 1.x Windows 1.0.6 build 80404 or later
Player 1.x Linux 1.0.6 build 80404 or later
ACE 2.x Windows not affected
ACE 1.x Windows 1.0.5 build 79846 or later
Server 1.x Windows 1.0.5 build 80187 or later
Server 1.x Linux 1.0.5 build 80187 or later
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX not affected
ESX 3.0.2 ESX ESX-1004727
ESX 3.0.1 ESX ESX-1004186
ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 5 or later
ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 16 or later
b. Privilege escalation on ESX or Linux based hosted operating systems
This update fixes a security issue related to local exploitation of
an untrusted library path vulnerability in vmware-authd. In order to
exploit this vulnerability, an attacker must have local access and
the ability to execute the set-uid vmware-authd binary on an affected
system. Exploitation of this flaw might result in arbitrary code
execution on the Linux host system by an unprivileged user.
VMware would like to thank iDefense for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0967 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
Workstation 6.x Windows not affected
Workstation 6.x Linux 6.0.4 build 93057
Workstation 5.x Windows not affected
Workstation 5.x Linux 5.5.7 build 91707
Player 2.x Windows not affected
Player 2.x Linux 2.0.4 build 93057
Player 1.x Windows not affected
Player 1.x Linux 1.0.7 build 91707
ACE 2.x Windows not affected
ACE 1.x Windows not affected
Server 1.x Windows not affected
Server 1.x Linux 1.0.6 build 91891
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi ESXe350-200805501-I-SG
ESX 3.5 ESX ESX350-200805515-SG
ESX 3.0.2 ESX ESX-1004821
ESX 3.0.1 ESX ESX-1004728
ESX 2.5.5 ESX ESX 2.5.5 update patch 8
ESX 2.5.4 ESX ESX 2.5.4 update patch 19
c. Openwsman Invalid Content-Length Vulnerability
Openwsman is a system management platform that implements the Web
Services Management protocol (WS-Management). It is installed and
running by default. It is used in the VMware Management Service
Console and in ESXi.
The openwsman management service on ESX 3.5 and ESXi 3.5 is vulnerable
to a privilege escalation vulnerability, which may allow users with
non-privileged ESX or Virtual Center accounts to gain root privileges.
To exploit this vulnerability, an attacker would need a local ESX
account or a VirtualCenter account with the Host.Cim.CimInteraction
permission.
Systems with no local ESX accounts and no VirtualCenter accounts with
the Host.Cim.CimInteraction permission are not vulnerable.
This vulnerability cannot be exploited by users without valid login
credentials.
Discovery: Alexander Sotirov, VMware Security Research
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-2097 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi ESXe350-200805501-I-SG
ESX 3.5 ESX ESX350-200805508-SG
ESX 3.0.2 ESX not affected
ESX 3.0.1 ESX not affected
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
NOTE: VMware hosted products are not affected by this issue.
d. VMware VIX Application Programming Interface (API) Memory Overflow Vulnerabilities
The VIX API (also known as "Vix") is an API that lets users write scripts
and programs to manipulate virtual machines.
Multiple buffer overflow vulnerabilities are present in the VIX API.
Exploitation of these vulnerabilities might result in code execution on
the host system or on the service console in ESX Server from the guest
operating system.
The VIX API can be enabled and disabled using the "vix.inGuest.enable"
setting in the VMware configuration file. This default value for this
setting is "disabled". This configuration setting is present in the
following products:
VMware Workstation 6.0.2 and higher
VMware ACE 6.0.2 and higher
VMware Server 1.06 and higher
VMware Fusion 1.1.2 and higher
ESX Server 3.0 and higher
ESX Server 3.5 and higher
In previous versions of VMware products where the VIX API was introduced,
the VIX API couldn't be disabled.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-2100 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
VIX API 1.1.x Windows VMware-vix-1.1.4-93057.exe
VIX API 1.1.x Linux VMware-vix-1.1.4-93057.i386.tar.gz
VIX API 1.1.x Linux64 VMware-vix-1.1.4-93057.x86_64.tar.gz
Workstation 6.x Windows 6.0.4 build 93057
Workstation 6.x Linux 6.0.4 build 93057
Workstation 5.x Windows 5.5.7 build 91707
Workstation 5.x Linux 5.5.7 build 91707
Player 2.x Windows 2.0.4 build 93057
Player 2.x Linux 2.0.4 build 93057
Player 1.x Windows 1.0.6 build 91707
Player 1.x Linux 1.0.6 build 91707
ACE 2.x Windows 2.0.4 build 93057
ACE 1.x Windows not affected
Server 1.x Windows 1.0.6 build 91891
Server 1.x Linux 1.0.6 build 91891
Fusion 1.x Mac OS/X 1.1.2 build 87978 or later
ESXi 3.5 ESXi ESXe350-200805501-I-SG,
ESXe350-200805502-T-SG
ESX 3.5 ESX ESX350-200805501-BG
ESX 3.0.2 ESX ESX-1004216, ESX-1004726, ESX-1004727
ESX 3.0.1 ESX ESX-1004186, ESX-1004725
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
II Service Console rpm updates
NOTE: ESXi and hosted products are not affected by any service console security updates
a. Security update for cyrus-sasl
Updated cyrus-sasl package for the ESX Service Console corrects a security
issue found in the DIGEST-MD5 authentication mechanism of Cyrus'
implementation of Simple Authentication and Security Layer (SASL). As a
result of this issue in the authentication mechanism, a remote
unauthenticated attacker might be able to cause a denial of service error
on the service console.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1721 to this issue.
RPMs Updated:
cyrus-sasl-2.1.15-15.i386.rpm
cyrus-sasl-md5-2.1.15-1.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805504-SG
ESX 3.0.2 ESX ESX-1004722
ESX 3.0.1 ESX ESX-1004721
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
b. Security update for tcltk
An input validation flaw was discovered in Tk's GIF image handling. A
code-size value read from a GIF image was not properly validated before
being used, leading to a buffer overflow. A specially crafted GIF file
could use this to cause a crash or, potentially, execute code with the
privileges of the application using the Tk graphical toolkit.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2008-0553 to this issue.
A buffer overflow flaw was discovered in Tk's animated GIF image handling.
An animated GIF containing an initial image smaller than subsequent images
could cause a crash or, potentially, execute code with the privileges of
the application using the Tk library.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-5378 to this issue.
A flaw first discovered in the Tcl regular expression engine used in the
PostgreSQL database server, resulted in an infinite loop when processing
certain regular expressions.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-4772 to this issue.
RPM Updated:
tcl-8.3.5-92.8.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805506-SG
ESX 3.0.2 ESX ESX-1004724
ESX 3.0.1 ESX ESX-1004723
ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8
ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19
c. Security update for unzip
This patch includes a moderate security update to the service console that
fixes a flaw in unzip. An attacker could execute malicious code with a
user's privileges if the user ran unzip on a file designed to leverage
this flaw.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2008-0888 to this issue.
RPM Updated:
Unzip-5.50-36.EL3.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805505-SG
ESX 3.0.2 ESX ESX-1004719
ESX 3.0.1 ESX ESX-1004190
ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8
ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19
d.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0062 to this issue.
NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable
to this issue.
NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable
to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0948 to this issue.
RPM Updated:
krb5-libs-1.2.7-68.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805507-SG
ESX 3.0.2 ESX ESX-1004219
ESX 3.0.1 ESX ESX-1004189
ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8
ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19
- Solution:
Please review the release notes for your product and version and verify the md5sum of your downloaded file.
VMware Workstation 6.0.4
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Windows binary md5sum: f50a05831e94c19d98f363c752fca5f9
RPM Installation file for 32-bit Linux md5sum: e7793b14b995d3b505f093c84e849421
tar Installation file for 32-bit Linux md5sum: a0a8e1d8188f4be03357872a57a767ab
RPM Installation file for 64-bit Linux md5sum: 960d753038a268b8f101f4b853c0257e
tar Installation file for 64-bit Linux md5sum: 4697ec8a9d6c1152d785f3b77db9d539
VMware Workstation 5.5.7
http://www.vmware.com/download/ws/ws5.html Release notes: http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Windows binary: md5sum: 4c6a6653b7296240197aac048591c659
Compressed Tar archive for 32-bit Linux md5sum: 8fc15d72031489cf5cd5d47b966787e6
Linux RPM version for 32-bit Linux md5sum: f0872fe447ac654a583af16b2f4bba3f
VMware Player 2.0.4 and 1.0.7
http://www.vmware.com/download/player/ Release notes Player 1.x: http://www.vmware.com/support/player/doc/releasenotes_player.html Release notes Player 2.0 http://www.vmware.com/support/player2/doc/releasenotes_player2.html
2.0.4 Windows binary md5sum: a117664a8bfa7336b846117e5fc048dd
VMware Player 2.0.4 for Linux (.rpm) md5sum: de6ab6364a0966b68eadda2003561cd2
VMware Player 2.0.4 for Linux (.tar) md5sum: 9e1c2bfda6b22a3fc195a86aec11903a
VMware Player 2.0.4 - 64-bit (.rpm) md5sum: 997e5ceffe72f9ce9146071144dacafa
VMware Player 2.0.4 - 64-bit (.tar) md5sum: 18eb4ee49dd7e33ec155ef69d7d259ef
1.0.7 Windows binary md5sum: 51114b3b433dc1b3bf3e434aebbf2b9c
Player 1.0.7 for Linux (.rpm) md5sum: 3b5f97a37df3b984297fa595a5cdba9c
Player 1.0.7 for Linux (.tar) md5sum: b755739144944071492a16fa20f86a51
VMware ACE
http://www.vmware.com/download/ace/ Release notes 2.0: http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
VMware-workstation-6.0.4-93057.exe md5sum: f50a05831e94c19d98f363c752fca5f9
VMware-ACE-Management-Server-Appliance-2.0.4-93057.zip md5sum: d2ae2246f3d87268cf84c1421d94e86c
VMware-ACE-Management-Server-2.0.4-93057.exe md5sum: 41b31b3392d5da2cef77a7bb28654dbf
VMware-ACE-Management-Server-2.0.4-93057.i386-rhel4.rpm md5sum: 9920be4c33773df53a1728b41af4b109
VMware-ACE-Management-Server-2.0.4-93057.i386-sles9.rpm md5sum: 4ec4c37203db863e8844460b5e80920b
Release notes 1.x: http://www.vmware.com/support/ace/doc/releasenotes_ace.html
VMware-ACE-1.0.6-89199.exe md5sum: 110f6e24842a0d154d9ec55ef9225f4f
VMware Server 1.0.6
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server/doc/releasenotes_server.html
VMware Server for Windows 32-bit and 64-bit md5sum: 3e00d5cfae123d875e4298bddabf12f5
VMware Server Windows client package md5sum: 64f3fc1b4520626ae465237d7ec4773e
VMware Server for Linux md5sum: 46ea876bfb018edb6602a921f6597245
VMware Server for Linux rpm md5sum: 9d2f0af908aba443ef80bec8f7ef3485
Management Interface md5sum: 1b3daabbbb49a036fe49f53f812ef64b
VMware Server Linux client package md5sum: 185e5b174659f366fcb38b1c4ad8d3c6
VMware Fusion 1.1.3
http://www.vmware.com/download/fusion/ Release notes: http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html md5sum: D15A3DFD3E7B11FC37AC684586086D
VMware VIX 1.1.4
http://www.vmware.com/support/developer/vix-api/ Release notes: http://www.vmware.com/support/pubs/vix-api/VIXAPI-1.1.4-Release-Notes.html VMware-vix-1.1.4-93057.exe md5sum: 2efb74618c7ead627ecb3b3033e3f9f6
VMware-vix-1.1.4-93057.i386.tar.gz md5sum: 988df2b2bbc975a6fc11f27ad1519832
VMware-vix-1.1.4-93057.x86_64.tar.gz md5sum: a64f951c6fb5b2795a29a5a7607059c0
ESXi
VMware ESXi 3.5 patch ESXe350-200805501-O-SG (authd, openwsman, VIX) http://download3.vmware.com/software/esx/ESXe350-200805501-O-SG.zip md5sum: 4ce06985d520e94243db1e0504a56d8c http://kb.vmware.com/kb/1005073 http://kb.vmware.com/kb/1004173 http://kb.vmware.com/kb/1004172
NOTE: ESXe350-200805501-O-SG contains the following patch bundles: ESXe350-200805501-I-SG, ESXe350-200805502-T-SG, ESXe350-200805503-C-SG
ESX
VMware ESX 3.5 patch ESX350-200805515-SG (authd) http://download3.vmware.com/software/esx/ESX350-200805515-SG.zip md5sum: 324b50ade230bcd5079a76e3636163c5 http://kb.vmware.com/kb/1004170
VMware ESX 3.5 patch ESX350-200805508-SG (openwsman) http://download3.vmware.com/software/esx/ESX350-200805508-SG.zip md5sum: 3ff8c06d4a9dd406f64f89c51bf26d12 http://kb.vmware.com/kb/1004644
VMware ESX 3.5 patch ESX350-200805501-BG (VIX) http://download3.vmware.com/software/esx/ESX350-200805501-BG.zip md5sum: 31a620aa249c593c30015b5b6f8c8650 http://kb.vmware.com/kb/1004637
VMware ESX 3.5 patch ESX350-200805504-SG (cyrus-sasl) http://download3.vmware.com/software/esx/ESX350-200805504-SG.zip md5sum: 4c1b1a8dcb09a636b55c64c290f7de51 http://kb.vmware.com/kb/1004640
VMware ESX 3.5 patch ESX350-200805506-SG (tcltk) http://download3.vmware.com/software/esx/ESX350-200805506-SG.zip md5sum: af279eef8fdeddb7808630da1ae717b1 http://kb.vmware.com/kb/1004642
VMware ESX 3.5 patch ESX350-200805505-SG (unzip) http://download3.vmware.com/software/esx/ESX350-200805505-SG.zip md5sum: 07af82d9fd97cccb89d9b90c6ecc41c6 http://kb.vmware.com/kb/1004641
VMware ESX 3.5 patch ESX350-200805507-SG (krb5) http://download3.vmware.com/software/esx/ESX350-200805507-SG.zip md5sum: 5d35a1c470daf13c9f4df5bdc9438748 http://kb.vmware.com/kb/1004643
VMware ESX 3.0.2 patch ESX-1004727 (HGFS,VIX) http://download3.vmware.com/software/vi/ESX-1004727.tgz md5sum: 31a67b0fa3449747887945f8d370f19e http://kb.vmware.com/kb/1004727
VMware ESX 3.0.2 patch ESX-1004821 (authd) http://download3.vmware.com/software/vi/ESX-1004821.tgz md5sum: 5c147bedd07245c903d44257522aeba1 http://kb.vmware.com/kb/1004821
VMware ESX 3.0.2 patch ESX-1004216 (VIX) http://download3.vmware.com/software/vi/ESX-1004216.tgz md5sum: 0784ef70420d28a9a5d6113769f6669a http://kb.vmware.com/kb/1004216
VMware ESX 3.0.2 patch ESX-1004726 (VIX) http://download3.vmware.com/software/vi/ESX-1004726.tgz md5sum: 44f03b274867b534cd274ccdf4630b86 http://kb.vmware.com/kb/1004726
VMware ESX 3.0.2 patch ESX-1004722 (cyrus-sasl) http://download3.vmware.com/software/vi/ESX-1004722.tgz md5sum: 99dc71aed5bab7711f573b6d322123d6 http://kb.vmware.com/kb/1004722
VMware ESX 3.0.2 patch ESX-1004724 (tcltk) http://download3.vmware.com/software/vi/ESX-1004724.tgz md5sum: fd9a160ca7baa5fc443f2adc8120ecf7 http://kb.vmware.com/kb/1004724
VMware ESX 3.0.2 patch ESX-1004719 (unzip) http://download3.vmware.com/software/vi/ESX-1004719.tgz md5sum: f0c37b9f6be3399536d60f6c6944de82 http://kb.vmware.com/kb/1004719
VMware ESX 3.0.2 patch ESX-1004219 (krb5) http://download3.vmware.com/software/vi/ESX-1004219.tgz md5sum: 7c68279762f407a7a5ee151a650ebfd4 http://kb.vmware.com/kb/1004219
VMware ESX 3.0.1 patch ESX-1004186 (HGFS,VIX) http://download3.vmware.com/software/vi/ESX-1004186.tgz md5sum: f64389a8b97718eccefadce1a14d1198 http://kb.vmware.com/kb/1004186
VMware ESX 3.0.1 patch ESX-1004728 (authd) http://download3.vmware.com/software/vi/ESX-1004728.tgz md5sum: 1f01bb819805b855ffa2ec1040eff5ca http://kb.vmware.com/kb/1004728
VMware ESX 3.0.1 patch ESX-1004725 (VIX) http://download3.vmware.com/software/vi/ESX-1004725.tgz md5sum: 9fafb04c6d3f6959e623832f539d2dc8 http://kb.vmware.com/kb/1004725
VMware ESX 3.0.1 patch ESX-1004721 (cyrus-sasl) http://download3.vmware.com/software/vi/ESX-1004721.tgz md5sum: 48190819b0f5afddefcb8d209d12b585 http://kb.vmware.com/kb/1004721
VMware ESX 3.0.1 patch ESX-1004723 (tcltk) http://download3.vmware.com/software/vi/ESX-1004723.tgz md5sum: c34ca0a5886e0c0917a93a97c331fd7d http://kb.vmware.com/kb/1004723
VMware ESX 3.0.1 patch ESX-1004190 (unzip) http://download3.vmware.com/software/vi/ESX-1004190.tgz md5sum: 05187b9f534048c79c62741367cc0dd2 http://kb.vmware.com/kb/1004190
VMware ESX 3.0.1 patch ESX-1004189 (krb5) http://download3.vmware.com/software/vi/ESX-1004189.tgz md5sum: 21b620530b99009f469c872e73a439e8 http://kb.vmware.com/kb/1004189
VMware ESX 2.5.5 Upgrade Patch 8 http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz md5sum: 392b6947fc3600ca0e8e7788cd5bbb6e http://vmware.com/support/esx25/doc/esx-255-200805-patch.html
VMware ESX 2.5.4 Upgrade Patch 19 http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz md5sum: 442788fd0bccb0d994c75b268bd12760 http://vmware.com/support/esx25/doc/esx-254-200805-patch.html
- References:
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5671 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0967 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948
- Change log:
2008-06-04 VMSA-2008-0009 Initial release
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce@lists.vmware.com
- bugtraq@securityfocus.com
- full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIRs08S2KysvBH1xkRCMxFAJ0WJX76quFzCV+avwupq3Lu72UKigCfRftj CZvxoXw/sZxDCSDjVzYAhrA= =s04s -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-31
http://security.gentoo.org/
Severity: High Title: MIT Kerberos 5: Multiple vulnerabilities Date: March 24, 2008 Bugs: #199205, #212363 ID: 200803-31
Synopsis
Multiple vulnerabilites have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges.
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center.
-
Jeff Altman (Secure Endpoints) discovered a buffer overflow in the RPC library server code, used in the kadmin server, caused when too many file descriptors are opened (CVE-2008-0947).
-
Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI library: usage of a freed variable in the gss_indicate_mechs() function (CVE-2007-5901) and a double free() vulnerability in the gss_krb5int_make_seal_token_v3() function (CVE-2007-5971). These bugs can only be triggered when Kerberos 4 support is enabled.
The RPC related vulnerability can be exploited by a remote unauthenticated attacker to crash kadmind, and theoretically execute arbitrary code with root privileges or cause database corruption. This bug can only be triggered in configurations that allow large numbers of open file descriptors in a process.
Workaround
Kerberos 4 support can be disabled via disabling the "krb4" USE flag and recompiling the ebuild, or setting "v4_mode=none" in the [kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around the KDC related vulnerabilities.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
[ 1 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 3 ] CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 [ 4 ] CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 [ 5 ] CVE-2008-0947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200803-0027", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "7", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "6.06", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "4.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "3.1", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "6.10", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "8", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "7.10", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "7.04", }, { model: "kerberos 5", scope: "lte", trust: 1, vendor: "mit", version: "1.6.3", }, { model: null, scope: null, trust: 0.8, vendor: "apple computer", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ubuntu", version: null, }, { model: "apple mac os x server", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "red hat enterprise linux", scope: null, trust: 0.8, vendor: "レッドハット", version: null, }, { model: "red hat linux advanced workstation", scope: null, trust: 0.8, vendor: "レッドハット", version: null, }, { model: "apple mac os x", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "rhel desktop workstation", scope: "eq", trust: 0.8, vendor: "レッドハット", version: "5 (client)", }, { model: "turbolinux server", scope: null, trust: 0.8, vendor: "ターボリナックス", version: null, }, { model: "red hat enterprise linux desktop", scope: null, trust: 0.8, vendor: "レッドハット", version: null, }, { model: "kerberos", scope: null, trust: 0.8, vendor: "mit kerberos", version: null, }, { model: "asianux server", scope: null, trust: 0.8, vendor: "サイバートラスト株式会社", version: null, }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "CNNVD", id: "CNNVD-200803-309", }, { db: "NVD", id: "CVE-2008-0062", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.6.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2008-0062", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ken Raeburn", sources: [ { db: "CNNVD", id: "CNNVD-200803-309", }, ], trust: 0.6, }, cve: "CVE-2008-0062", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 9.3, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2008-0062", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, id: "VHN-30187", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2008-0062", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2008-0062", trust: 1.8, value: "CRITICAL", }, { author: "CARNEGIE MELLON", id: "VU#895609", trust: 0.8, value: "10.10", }, { author: "CNNVD", id: "CNNVD-200803-309", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-30187", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "VULHUB", id: "VHN-30187", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "CNNVD", id: "CNNVD-200803-309", }, { db: "NVD", id: "CVE-2008-0062", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free. Vulnerabilities in the MIT Kerberos Key Distribution Center server could allow a remote attacker to compromise the key database, gain access to sensitive information, or cause a denial of service. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. If the KDC receives a malformed Kerberos 4 message, and there was no previous Kerberos 4 communication, a null pointer dereference will be triggered, causing the KDC to crash. If there is valid Kerberos 4 communication, messages sent to the client are locked using a null pointer; the pointer may resend a previously generated response, send some arbitrary block of process memory (which may contain key data), or due to an attempt to Accessing an invalid address crashes the process. If the process does not crash, a random address is passed to free(), which may corrupt the release pool, causing a crash, data corruption, or a jump to an arbitrary address in process memory. =========================================================== \nUbuntu Security Notice USN-587-1 March 19, 2008\nkrb5 vulnerabilities\nCVE-2008-0062, CVE-2008-0063, CVE-2008-0947\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libkadm55 1.4.3-5ubuntu0.7\n libkrb53 1.4.3-5ubuntu0.7\n\nUbuntu 6.10:\n libkadm55 1.4.3-9ubuntu1.6\n libkrb53 1.4.3-9ubuntu1.6\n\nUbuntu 7.04:\n libkadm55 1.4.4-5ubuntu3.4\n libkrb53 1.4.4-5ubuntu3.4\n\nUbuntu 7.10:\n libkadm55 1.6.dfsg.1-7ubuntu0.1\n libkrb53 1.6.dfsg.1-7ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that krb5 did not correctly handle certain krb4\nrequests. (CVE-2008-0947)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.diff.gz\n Size/MD5: 1460317 0090e30287f3448ed9babac78c39d5ca\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.dsc\n Size/MD5: 848 237125b6b35a1a059e5573d10fd7c18e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz\n Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.7_all.deb\n Size/MD5: 853222 dfd657a08b13ce0f3916e49ab8e3ce28\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 190904 e9e05267f551177f3c7cae46fdda9565\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 768706 79270ab27ac164fc4c76822e1dc0be2c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 425714 d8467d288bf46cdfa35ba74e6aa0ff02\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 80378 b2d795bc82f8f962ceff0afdd11060da\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 223230 73161771034af58dc6d0cd0c4be72fa8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 60376 f0712ab86caf1d9d9e52ff3750afeddd\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 135158 34b51b738a69c2aeb9df20e0af93e9bc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 85274 265b8ad9968001e5c984743650d635ac\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 67600 bd5c7020310f1bd70f8dc98864c2961c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 129906 0f0383de4d51d8581a260021c3332f72\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 165730 8128a78d17cd98c4ccfa086b390af167\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 647222 96672590753337d39b1aadc24dac0531\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 381120 af9c45400c55b68778f3b769c238548d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 72298 754b91046e7e47bb0f2aa58cd2ca3797\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 187240 d7e5a8b1a077776309282bc328aab885\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 54326 1137dd0e4209cf7edb38ff327feb342d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 121564 9e36fe3a9567176b2e224a45e55017a0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 75920 cd8854a9ae911eaa1c82eaa945b3d175\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 58720 eaf05e05f40183c066e294bec431bc61\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 119078 67a73b248bf33afee23ffb885f5d2e18\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 177716 b834ad9d37a2e3dfa44d086c6dcbfbc9\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 752002 22dd063609b942c4996c56a3f74b266c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 395914 b4fde9f81a08aa112f48b38f1d7faf9c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 80530 7e55073ee6b67ba12f0ed48d0137e73c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 220582 482d21e5007a1876bf6af64e434b4942\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 59574 4f47514f7992a292c162f40f8a174ee6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 135962 0e23ea255a84c3a580e0d7e6b0da9546\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 85120 e07cf29268ba053833122cca9ed79d8d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 65990 3c4f25017e0760f4dd10404e604087a8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 134952 7096226ce8ce15dd20c6ed933888d56e\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 165278 5c8580725c8a200f24173d38dfce388e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 678538 4002d8655a43f5784d5e9c95bc5b4f76\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 368726 5ee45e24f0ac54d79a55c20674b2887f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 73042 672530bb7218c04a67e23d1053757050\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 197404 ea257178102f6b7732ef12538ead3e24\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 56304 855c59021874c714bd4e2605de10d5a6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 124374 7d8f7f84b2c1648b63129ba342389d75\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 76922 142ed0e2c119d596c5437ac8f9042064\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 62350 db681a03624a21a34425fea9f6fa9ade\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 120620 ebe2ddf8dc131cf6e3322e1cb125f2f3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.diff.gz\n Size/MD5: 1481707 dc6dd5cd6d4a125e2fa70b9ebc3f8b12\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.dsc\n Size/MD5: 883 8fdcf0af1cc631c882a44ae0214e0b6f\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz\n Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.6_all.deb\n Size/MD5: 853934 f3a7a044bedb974b32a46708774ec894\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 190826 7772b734a889ea97cf052de39072cead\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 1073390 bedf0987fe159bc38c30663ad966d0ac\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 772708 5cc8e489a0f6fcca17c3e0d8b9588879\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 428050 11b4c2211b18453bd2a662a297569f49\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 81790 06f349106755cc19cfb3f29fcc7228f8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 224408 59491e595a544a84463a6deec8305f66\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 61620 f58dcb4c09e4c96f3db5bfc8172fdffa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 139116 31943a9766f657fd47ac1aded48d49d6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 87426 1033408d2692b38926947f8ae85e1515\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 68116 291db335b868748c933a7c67e6add6a7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 130628 a2cb3cd3ee9ede8c3c10e695fd8148af\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 173062 e15aa9368fc4e4ef4562a23cc1780484\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 1024998 798f81a00c59842cbc2c8ea8cd4b9a5e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 673152 671e72c1eb7645dfda924c77949610dd\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 404172 445f952e23f810f6de10773a01fd68ae\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 75380 0b3cd4b087f56ebdd527d61194cf7fc0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 196506 bff3435e0da9aecff7a26d73e712937f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 57136 3fafa3cd2cd2792e740c4d6976a881de\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 129352 7e190df154981717bf711697c5042cd4\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 80102 94a76cc7807e9d6598b4a452a7fbb738\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 61928 b7fdd344e683ce45be88f8fa43290175\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 122208 eb1ec6653d6d790e23dbcc14cd98f5f7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 180126 f8e5d077ee06234bbb9881beb9d49f36\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 1076974 4752e5e87fdcd67fcb0f1ee2c35ddf80\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 758400 73ed6c35fbdcf1866a65a6198df8ca82\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 399112 1fdd3a0a2a45bd410a1f4e72713a0e1e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 82420 446cda40d1590c088e2fc83118a58e13\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 223182 8e6f5f3062fe3cfb113db73bc8a1a89e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 61826 b4ad931a1a1d48b668a972893502cd67\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 141210 8892626a667e0010a0cba8fe19df958f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 87318 c7306114bbb195c221962abc469a1d42\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 67222 b99ea3def960bdc849376c508e263f0d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 136888 1c651e27011fa9c25ea87960b40ffe1b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 167176 0f2f57754f3e012257a6fef890a23767\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 957816 2ef6010c70801e7b0dd5e633a08e3fac\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 685238 a68016ffc9abcd0eab3f7f1ae323e83e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 374074 d5ff62adb392f5be8b29c2e1056f6f92\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 75210 9611a07b489b518605a9550b27b3dd7c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 203684 89d989c5db437eba6e9e56fc9bf7dc93\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 58980 b9d7f11d5c491595c90006ae7c039935\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 129664 acf15ad70331066092154952cbd7754a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 80428 8409c34ee32612d48e8936618118bab7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 63612 64b2987c2aee57159bc092c5fe37a25b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 122730 95db549e03f3bc30995d566f8ea7edac\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.diff.gz\n Size/MD5: 1589880 e20eef948656a29a255b557af6e7817b\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.dsc\n Size/MD5: 968 971223b33ae8631f013c20a3c8867805\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4.orig.tar.gz\n Size/MD5: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.4-5ubuntu3.4_all.deb\n Size/MD5: 1806176 c34d13b6877a21c426a85719a6ecf6a0\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 194368 2b6345b614c38e353a3ec4abd2957e6d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 1076886 d4e2d9d77afd78df99d96a6541730527\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 772608 c3f93d5b94e84df6faac86b701f9836c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 436580 f7e6430bf6f628592596b44e7341af30\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 83772 ad232225b5bbc88f1e0f5bd55916de24\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 226770 34e47342c392be9006254e15fc0258e3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 62258 c71fecc4d7bd6e3191c08a19cbf07aa5\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 141840 33ec180078e9b8e1f80fca5f26c1d558\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 88380 64572d633f1a84999b2205bd6958206c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 68890 dcabc2bcaac75b7e226c9090a82207a0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 132614 f129069e4dd68ccf7801c717603713ef\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 176870 9e0e200bdff3119ef8488f9a5bf62e7c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 1031008 8a80209f195b2eb787236e0dcd8aaa23\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 672020 7b5b4e1643b5802b2bbfab006d0e6d7a\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 412036 213c308bef9eaa6762ab755da6e7442a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 77328 295e5ed2c0c2366fc6b3d343607ae431\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 199040 1b0a50f1bf8e421d9838acea254c6c26\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 57780 96ae66401532d513b4333c3429f6e2eb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 131900 fc29493488e6311a94cfa5ec2c5ac7a8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 81008 0c2bd14ee6534cad097d5d80200cc94a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 62650 8d1f1316f52fe066626f0fde07f8b990\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 124088 de985ccf04486e2043c2324affbb18af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 194590 f63db5ccc5825220d5014b1d7eda0ebe\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 1082008 3501eca4bc0d14b39fbc662ee20ab7cb\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 757006 169816425e730c69266d39518fb718f8\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 429982 24a79674c75e6f9731d34468ad86e27c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 90254 936f19b572498c2de200fd3e323657de\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 240274 eb844e20839937a3ccad330429ba1840\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 65452 dffc482a088d83a0100e78e69f332bb8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 153794 308fc25b452cb374f7b45a472784761b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 96692 9566a692d6f8a6d47e9f60e25d13927d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 70680 4949b60728fc08134113f744738a293c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 150262 dbf317c0added0c3faae6710b8026fc8\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 170940 967a1344994914065dc904da571a2aef\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 965784 bd503df54b8c9afcb4e5a6a375ce7fa8\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 683396 939cb2731116dc8718ea4ebc996b5c7e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 380910 5b46d8169ecc2409caad5dd4feacdc2b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 79084 e3da961bcea67ff2c217008d141075cf\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 210904 688aeb4162f4dcf86768ddd299cf6625\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 60996 e20fcf5e2b4bab548fe8e0836aff86eb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 135846 55612458a19bd82331991bbb672f74e9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 84546 f1fc527ed376549516113ae94ca7d0fb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 65282 7726043628cc103faccb839be0def042\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 127130 edddba0066c5bab862847c750a231a51\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.diff.gz\n Size/MD5: 1674637 40fa0c4bdf307c7e5d9509be9870434e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.dsc\n Size/MD5: 1044 2c6766c8721cf2e3caa259cdb5badf10\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1.orig.tar.gz\n Size/MD5: 14474321 8f8d6a494380f01a7a0a9236162afa52\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.1-7ubuntu0.1_all.deb\n Size/MD5: 2076606 1c021446b5f479717a4998df0f87f205\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 165034 78f040deebe1683f8966347e9896fce8\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 1308970 04db0004a99e7e0d01b37d922f47df1e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 88606 6509d222135bfaa05ebf79db1f63c2a7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 493016 54a329e5f8464d5f519ac225f4d5d778\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 87824 cac8d5d1297bb71c52a877cf0b85c393\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 228534 d6c15467cf49d74831ac0ea494eec6f9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 65864 563aaa90bffe6ff07ff8db56cff826f8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 185182 e1f4910f7b6fca6655696a0bb7169d7b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 91334 c1c20f704f98f19212cfa70ac9edf193\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 72950 de7748ddb5f7cd3f0744eb77770fa3e0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 137592 99c3b6d671ae7f0439f379d5b2688659\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 148364 a3e27e81c7e81f627d05c708faae402d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 1266912 2696e89ea8cf6e857e36ee740fb65ea0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 88624 9970f2076c76427dd0cbf217b6a6bba0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 462068 bd3623332d7737858d0fe5918ef8838d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 81192 d4a4e0e7358f626abc0dbb81575071f6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 199624 5a24164123aaea818f2d40c41186fdf7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 61098 8cc21c42ff5dd534f7158c4c750a498e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 172178 319f2ba5ea41bb97a125049f17154ac4\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 83634 049a305ea62a45ec23b65dbcd04e85fb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 66538 a0c51897ca2c55ee7ec2447465121f5e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 128624 df48b843cf7ab20fc4696d36bba2fe6e\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 162676 0c11613a3d49190eb92074c27833f4c6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 1320150 c2a537a9acf0ebf7b08764506136d37e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 88634 eedc4522ba18dfed6fd2483cf8dd0379\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 482868 4d015493346726e61cd0cf9525e2b1e5\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 94492 50526cbb8952316a7b9195edcf148fd3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 241802 99608692096cfa0e88372013a1b41517\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 68960 fc1d60376ba03106488b098f4b5ea624\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 198522 24b5f7bb74e3d978888dd1cdd065f881\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 99412 ca441f559a1e11b55c3ef52c54ede8ca\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 74666 0657bf76d80f969330c5391d65291baa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 155750 967a3ce3bc4fe5383a2a4f6a54ac686a\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 145672 b78635a0dbdb4d4d76c7e6d7ee4cb2fa\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 1200060 c280c5257a62a657ba79ac09ed62e4ff\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 88620 9b75ff80509a5b3435f7d6f30b19ac9b\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 431168 3c7606d6ced441110ab47b16de3542fc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 83030 cc47e0b9c435c5802a2352cb203c435c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 211104 bed40b53469b42c5a65a1f0640ae4d2f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 64404 13877024ad747d0ce0a696210217f170\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 172948 8fd8903c9b1caa12ebe73c7c6f86de98\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 87474 c3f94c62f987a7a6d50f9d5344e59cff\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 69196 97040973c460c004ee83b7ba19ddfc88\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 131692 c12abe7485457bcd0ebe5cf3ecfcc850\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1524-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans\nMarch 18, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-0062 CVE-2008-0063 CVE-2008-0947\n\nSeveral remote vulnerabilities have been discovered in the kdc component\nof the krb5, a system for authenticating users and services on a\nnetwork. It is theoretically possible for the exposed\ninformation to include secret key data on some platforms. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.4.4-7etch5. \n\nFor the old stable distribution (sarge), these problems have been fixed\nin version krb5 1.3.6-2sarge6. \n\nWe recommend that you upgrade your krb5 packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz\n Size/MD5 checksum: 6526510 7974d0fc413802712998d5fc5eec2919\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz\n Size/MD5 checksum: 673705 93382126a3c73ac44ed7daa7d85f166d\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc\n Size/MD5 checksum: 782 0391aaf485ef1636ef18c6ba183c3fbe\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb\n Size/MD5 checksum: 718916 ca2fb37b53a19207f1e1f1de90c4c1f3\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 137834 d43e9d3f3ef65fe8c8cbbb7b5dcbd144\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 177730 947fb82dd795f9272935ea4cb027e543\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 124864 4f1d0aa9d18013023f4a9f2b9a10db65\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 104886 15037693de0d9dc27460d713b547872a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 63606 c4cfe2b01bfe0b579b216210817c4fa3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 369420 c8d1eaf98400880ff82f727fe20f90cd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 82806 30230dfe2605b88fdeac8811d408acdb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 57048 741292984684fddae11e130dcd388161\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 652378 d8f3493f4354e0b3717ffc72d6592b88\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 216990 0df13c59411cf57b86bd94e250cf458e\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 115684 ef39b71c5ecf4187e24d27c1111c9a54\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 633330 08566aa29ab8d56e26070137a16731a4\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 158874 4f60129aa092ea3d750deb168299abe7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 54134 e23173f4ad3a59af03fbab0369a714a9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 58252 255394fcc06d13b6dabc2e87c91dac02\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 198848 aaba0529c817ff11728515f5a116f71b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 126814 85d31333aa01c4ab1f7b14ffaaa4c08b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 74940 706b7cbfb01d66cbdb371a9019b3f725\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 329190 a661364db9bd2d5c5340a0c6a5c939f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 93938 04dc96993c79d0113a0626a4439c8cbf\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 125154 afd4a9608fff5b1b3e793881bb2c9c2c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 64286 b85cf8b5680c12c093ff34150623a3a0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 59368 3df43bbb40e060d0522495ff3e78412d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 669644 50027bd1d314e911c4a91647989fad1e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 104948 a013d1818ed8d6dd7d75a8ac11e795f9\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 187304 401a8e21722c104f3d3aae86cf3640e9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 383876 d50afad26c9a0416fe47dfdf5ff649f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 81992 b6c84f121f66616f578b13a3f0c654ca\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 139202 4972377b638f980ad757128f14132874\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 224154 8a8436e210dd8892487ea482a1de6522\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 116324 445bced4eb764a78e51b68e4d7558363\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 574784 40fa136876b3219e55de089340c0c85e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 52890 a6ae74be5b338ab7f215d0846353833e\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 165726 4b2485d3b8a50cd61ffcd2e0748d70fe\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 349416 2f33d4592484a2adf276fd29cfe9d728\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 127878 7232e14b8bc1d78fa4346b4ed393a3b9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 95656 00f7666dac13adf2a7bfc81c9d801f2f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 191526 d8613e5a3d87838ee7155f54c1c12f3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 57762 2baa509aad5f6b837753e5a3e65e63f1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 75890 5e52830c36794bb8ed2cdd14611ec690\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 134332 473be671406f747295c4a94d3f2ca3c5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 289396 c95c79f18a2a8cb78131a35073c09ebe\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 890018 a9ca82650f5f96ac66d2b4436b0d1345\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 167350 f448dced91316668c1d33d6a0776eb2c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 240384 5dc95c9ea35a7b052041e177114c5acf\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 79982 8980a39a06eeca5ef5adb623786742a2\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 73692 039a88dc8793fa4de6e461408cde62bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 105008 273a9dbaf7a4882f39ebd9de527f76fb\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 502382 97f1d32991c1778752bad887f4029990\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 165288 7d2e3c354cc50db22fc34a396902690f\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 71116 2f35c57d9f24856b013e27b0eef24a25\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 516020 203205bb2e6f66161c2aa98746687190\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 49768 39d4529ec4e27e2fdc75de762c5643fa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 107660 0659ab018fbf062504348fc63ef97cc6\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 147864 b86ebef3ec1541aeabc20be31e503049\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 305872 1fc4f6385b5196c1c892731eac06f5b3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 122106 c60b71edc9196adda91d40c4b84a908e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 174180 6d750c072a8d641bd661ea5c688199f3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 53478 74055ea66e27e24d79c824691da8fe0f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 88692 074a5c747c652e7ce8d911077ca5586c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 145108 f432457761497dcfd8e1ba6fe7ac43fa\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 164386 512e3b183ffc5f121f82981f32235377\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 57750 d827cf9980ed4eba196dedf93e7d9b5d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 680860 b4718176172f14d54d2a4662ae28e534\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 128738 a9592a522e7cc0f6db4c121ac04db438\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 65060 9b5613121aff8f341cb2dc3786b28d78\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 103404 eb3ca8cddb900bd4dfdb10b67ca9622c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 225708 d09d386a5705b48584ffd51b0127883d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 355178 359ca6a220b6a9e7af7b949e7a64fb5d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 80956 407fec89580608afebb4ff89d95bdf72\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 146678 76f8820a81a1c068ab60348f1302d087\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 103808 db8b0c06f58646093ca80554061cc0d1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 65266 c27b18832cafb60109ba97e529706a53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 226540 0ddfa3be4f63eeb0066682928c193996\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 82060 2479f67cadc3533fb499507fc1977b5d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 355120 d1644230bb4cc0788a04f5f0c8eb961c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 58164 5dcd7db602701983272b2fbb0db88864\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 130098 472042e34a7ac48352205df510767ddd\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 165632 3074194d27a16bd4e737a9462d6a217a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 682776 b0046283d8860fc6c8fe968b335ff463\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 61758 9496fefe85772ad549b84ae523c56e77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 217812 c5aa73b8513a3698002cc3cedfeff012\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 105320 3677c003bd4c271bbe3daef5cf8f52df\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 143838 61244dbf640bd19ee1cc738ee7b44b34\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 57018 9afa2ba534be545b9d76d1f69c8e5468\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 165746 74c29add119101782727226dc9200db0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 634906 93dd67378ead6cb763cc304516cbf632\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 353104 c5b16a1f26d01435b2bcb540b5b97730\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 82702 f728717a6a25b233526ad69934e376f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 126246 da0e3adca803929ae44fad884949cbe2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 214176 9c4b2684ce790d6544d078efde32f5d3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 132996 1ed627f09d5b25bb3eaaaa4148207d7f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 63428 332d6f0c94eabdca1df666a3ec0c6184\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 57214 f518a8dd4336c3916bb8c533bd8b6301\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 624898 27ed5f1406b97c3a429ed6cc41a5421a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 99652 0e49258823390960faaf06522ab8f1cc\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 376188 ec0fdc218fbe9c53fa5aaec87667b5a7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 82370 3a26a1e22c24add8b16498a641444a77\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 180336 34967e4eb80a75b18a23a9f3bf05bb5f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 121318 883136f99bce1a8f9f413dc3d68f5762\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 576786 3c142ce93bd9b408ea9a6d6046e3d067\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 58950 91be8dfc1160f334f0ed514eaeddb3c4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 53520 89ceeef920ad596b129365a1f6876818\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 73596 cca4a24557097c3be9dc611d686d0688\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 93348 0a954f5b7f637eeaea3b656699314b99\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 114068 e7a1986874465f458987516f27a705d1\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 157712 2c8a0b75fc4982ee9265d2dd8cab2cc4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 126780 d6faa238b06d1ff65c6b20b54c7b4fac\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 194584 39322280b333988d5cce973c7c00cdad\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 330436 27d8b24e5a2bbb57d8078c7b1d391d53\n\nDebian 4.0 (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc\n Size/MD5 checksum: 876 e8f30ac6b710091985a2b669632ca174\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz\n Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz\n Size/MD5 checksum: 1590551 c7d7bfb6aa34876ec8b5d0767ed65c2d\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb\n Size/MD5 checksum: 1806352 0e3b03d93b1a62a41f9d004d3f6a69eb\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 76136 61c8f8b99cd2c5e08fe20121d5a33119\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 461032 12fe64d352941f674f01b875532ec91f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 91648 ee8cf04beb8687f4afc0684fbed232e9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 1087614 dc627be2679028513f541ab0db184758\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 245650 57d128cab47e74d75ad56da8b81866fe\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 154868 4cac528d66a64df26a385bb15552061c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 136110 a0d904994baba8064c640014e238020c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 216328 7e96a8117e5397282f9027dc99fee308\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 89690 a14489d539fc5274175e92b8c1f99cc4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 65866 c153e17e3514e566d1b719bd4941c3f2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 1017046 543b2403aee468ad0a1692708de9a587\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 83852 4e7e51683f130dfdbaaaa2b6bbdfd70b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 61474 5ed45d3180ad5cda0839f53d8d9fc716\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 768634 4f227f866f481d0a11a90b1a41d14bbb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 141926 5944b339ff70c630a2d04026dc8a436c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 68170 d5b5cc9a99c26889dcf685f88cc92a9a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 129822 8f01b6b85827382fcb2ac54b561a1ec0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 222262 b16ea5bddeb302c73844a465d5b27020\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 1072208 5458abcef1aa9174a703a51d9910bf42\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 190378 b663d232374d5d8ea6a1aeb6596e1e66\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 426424 39665f5600ac062e43d78823f79016a6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 86108 786e35f5915b137445eb034ef1f53eee\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 1013602 3087dae461053141fd9099ba1bf1f520\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 63418 6d76005bc5336972fff07aa9961bcbca\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 682712 20f548e7e7fe59ffc450c46c58b73fd1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 136110 b1774fea7cea371790dc1d7b9a293395\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 173154 785af0fd07d78658edb4a4c25082ca22\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 59834 e369f2b68c8090e91191718d207da76d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 206238 c69f58637e68a2d455750e32b5b770c0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 390054 b972d264ad97b69120ee4e4d898f3055\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 81426 82979ab1f34edf407dc1a32f4be2a911\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 123540 f9534a82bfa054018029c9a3934fc121\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 78826 62163e751d27902012a16758fbbf67e0\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 1050680 8ea8f26032837464c794e615623ac59e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 87564 ec92090e89dc2c03500c52cbd188e4c3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 441724 6cc26ce6c3e4fa233222786b15bc08ac\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 64206 fa4e68946117f10d2dbbcea75fabe5d0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 132802 23e6e453b5943c8df76fd87a18fe2182\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 85370 9011819683422a091d363e0d0064e82e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 815220 652f24a16193c3d8bf9f128000888850\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 145028 88cb8fd42c037cca495bb200a8d5bacd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 69692 0ce8e82456cc62420ba31f7ce0aa3a39\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 201216 b7aa6c970117a632b2e60d14829ba7b7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 232082 7a823371e31f4b3e937a4e9d7a83d09b\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 80306 8c8461beb8bd866080134bf1a25ef557\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 62446 22a83f7567df841b9f34ffc133534a64\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 133360 5e72e490c20ac03f49b7fd6921047048\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 680166 991c24aa3b8e2d82f07e49865d70119b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 408376 f375a2157e2b1de2eadecbb2f03c8637\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 174112 f9efe4ee2c52dba6806f548d778e0f53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 58050 b99734e1b92043a8cc816c588b04fce5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 196558 0b03b5d3920efa1c5efbf8cbe3901f15\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 124206 21cc6d63e1eeaeb9deb70e227d61d84b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 1037936 a1a2470171c5403563ed285be9caaa9a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 78598 80b9f57c39a90e17b67480271ec8cc2a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 305920 940370e13598d9c00b123f97aa3f09ad\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 164602 6dd81cf1a5487ad63e2ab3cf1ce342f1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 112994 4ccb79847d301064e5e6496f2577b5e5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 80324 88cc01f93ed8fe3b9c9861176050f004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 105592 8745ddb42d7cb7afb95ef4f946a26c60\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 1088562 0d2cdc97965b7827a78bca972aed38fd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 91338 40c9d44d05f3262c1a5d6950c4255e16\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 269600 4acf36a3831bd4d2bb0af4d9130d0f27\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 1043576 6e487c186d462bc98b8ccdfbb5891324\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 190500 4cc37a9cd6bb13da4ca73f87b60738d3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 592208 ac3bd63fc244d99757d33c8b8fa8f745\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 71184 99f78076e71ddc74b7809de695945048\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 128534 d08156f659ccfaa953e612ab0f1be1e0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 86416 a0ccc69288f43974099646a0b4df2702\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 807408 caa736a161edf63d4b7b0200642293cc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 81794 820abd7cda885cfbcd651eeb819b6ea2\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 176908 eb82211002e6f5fa451b8c6fc72cd8c5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 230468 6498dab212c73d4c618a77b105d40302\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 389766 cb2be7e8aa8890f3011c7721474048cb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 145004 1d8436cb03bf8df56127ab37a1787096\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 62920 610d234fcd0e209b0d2e6c0f3be39f6b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 1112710 5b98f43fa267c04b32bc96927ad868a2\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 87478 dce62567d27548de56ad38615fd5a8fe\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 71596 8cfffdf23386228753133a6d675a75dc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 131106 22011c6b9dfeaf6318baffbb40b4b005\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 63834 9a2e78369d8fa1d0d8688eb48e443518\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 810348 c36eb2099ac9fd31e57d5693ec8eb92b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 82652 3699856d5fe3d28c74e0e66469d05859\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 1087382 a5cac22f1da48cbb4c80f7f736b70b2f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 179494 4a1d3e8cc558c330b9f4a6bded87913b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 145716 1f45bb37dd7e13ea4c6b21f52c43c657\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 232788 88bc4c67b09b541769a7a00abc5d2688\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 391848 05272bb8eb78e5e3fa374c9cb6597403\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 222776 d87408739c95de5b207a88550278a0d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 1083104 a5a89067cd381199a75e9751be977884\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 143844 488e4411a9d507c14961e8c1a867a18b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 84364 fd1d52f855615c98fc8d207dcea36d2f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 137308 16ac4ae9b3a4eec6e584d4b9902771ed\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 399370 2c4951062f1fa124af1a36a8b0c1e761\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 86864 33e72918f1ae2f968537d4e3328237b8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 67384 3547b618672d7e775018128fa421551d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 753506 cdc2c41be06d280160c3f7ee8b7f3417\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 61930 dad1ac368a357004137a4beaf0a4f8ba\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 179574 499b4b287b5726f7a8afea620d5606c5\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 63392 7e446e33886543cc1432026dbde49ea8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 87886 02735411cb4acaa71b8aa72bf7d9683d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 438990 5aacff7c6ec54f708cb98fa0718bfcc0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 129266 31c153db1328ee93b97e64bdb01a3cc3\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 195506 d3175c75393ac80363919b170e1446e0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 1073530 ac4c767b43f20d304e9683ebfddf3a68\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 224438 5a59744997773137c0409af842e7fdf0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 68782 57ed0962a4cf4f2f7c7d60edf52449ed\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 140470 8fd23a0ec4c4b5c81c48d7b0228a5fa8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 82118 7a84a0ceeb5110380a231be90d6f36ce\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 733368 6a3ea5e404cebc11888aaad6fdc2cedd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 131724 561314d157da780fc7de7c06524e8a3c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 77124 6de298978f0404514a0b16d863efa276\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 961534 754258b22c1eaf83c3167775c3138a58\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 372674 20c48448253a262988a3ca876cfb2931\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 123040 00e2f8c76353547804f9ff516de1f65d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 680434 6bf7c8d82d481a8d6d9d784f5ed617ec\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 58242 f7e89e959e30e2bd36ac3ce1191a7711\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 63800 21beab0b247e7bdeea2004876f388c59\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 166710 b5127d835935bee8ce49a1154e5fa2eb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 200282 49524ee10fb4d4e7be223a1f25dffba7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 78204 2462352e5493e856bd8a784ca49f95f0\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n \n A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4\n protocol packets. \n \n This issue only affects krb5kdc when it has Kerberos v4 protocol\n compatibility enabled, which is a compiled-in default in all\n Kerberos versions that Mandriva Linux ships prior to Mandriva\n Linux 2008.0. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm\n 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm\n 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm\n fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm\n ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm\n 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm\n b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm\n 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm\n 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm\n 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm\n cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm\n d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm\n dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm\n 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm\n 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm\n 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n <security*mandriva.com>\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ\nHsy0RD3h2ilxoUTodKz7J5k=\n=y37y\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0009\nSynopsis: Updates to VMware Workstation, VMware Player,\n VMware ACE, VMware Fusion, VMware Server, VMware\n VIX API, VMware ESX, VMware ESXi resolve critical\n security issues\nIssue date: 2008-06-04\nUpdated on: 2008-06-04 (initial release of advisory)\nCVE numbers: CVE-2007-5671 CVE-2008-0967 CVE-2008-2097\n CVE-2008-2100 CVE-2006-1721 CVE-2008-0553\n CVE-2007-5378 CVE-2007-4772 CVE-2008-0888\n CVE-2008-0062 CVE-2008-0063 CVE-2008-0948\n- -------------------------------------------------------------------\n\n1. Summary:\n\n Several critical security vulnerabilities have been addressed\n in patches in ESX and in the newest releases of VMware's hosted\n product line. \n\n2. Relevant releases:\n\n VMware Workstation 6.0.3 and earlier,\n VMware Workstation 5.5.6 and earlier,\n VMware Player 2.0.3 and earlier,\n VMware Player 1.0.6 and earlier,\n VMware ACE 2.0.3 and earlier,\n VMware ACE 1.0.5 and earlier,\n VMware Server 1.0.5 and earlier,\n VMware Fusion 1.1.1 and earlier\n\n VMware ESXi 3.5 without patches ESXe350-200805501-I-SG,\n ESXe350-200805502-T-SG,\n ESXe350-200805503-C-SG\n\n VMware ESX 3.5 without patches ESX350-200805515-SG, ESX350-200805508-SG,\n ESX350-200805501-BG, ESX350-200805504-SG,\n ESX350-200805506-SG, ESX350-200805505-SG,\n ESX350-200805507-SG\n\n VMware ESX 3.0.2 without patches ESX-1004727, ESX-1004821, ESX-1004216,\n ESX-1004726, ESX-1004722, ESX-1004724,\n ESX-1004719, ESX-1004219\n\n VMware ESX 3.0.1 without patches ESX-1004186, ESX-1004728, ESX-1004725,\n ESX-1004721, ESX-1004723, ESX-1004190,\n ESX-1004189\n\n VMware ESX 2.5.5 without update patch 8\n VMware ESX 2.5.4 without update patch 19\n\nNOTES: Hosted products VMware Workstation 5.x, VMware Player 1.x,\n and VMware ACE 1.x will reach end of general support\n 2008-11-09. Customers should plan to upgrade to the latest\n version of their respective products. \n\n ESX 3.0.1 is in Extended Support and its end of extended\n support (Security and Bug fixes) is 2008-07-31. Users should plan\n to upgrade to at least 3.0.2 update 1 and preferably the newest\n release available before the end of extended support. \n\n ESX 2.5.4 is in Extended Support and its end of extended support\n (Security and Bug fixes) is 2008-10-08. Users should plan to upgrade\n to at least 2.5.5 and preferably the newest release available before\n the end of extended support. \n\n3. Problem description:\n\n a. VMware Tools Local Privilege Escalation on Windows-based guest OS\n\n The VMware Tools Package provides support required for shared folders\n (HGFS) and other features. \n\n An input validation error is present in the Windows-based VMware\n HGFS.sys driver. Exploitation of this flaw might result in\n arbitrary code execution on the guest system by an unprivileged\n guest user. It doesn't matter on what host the Windows guest OS\n is running, as this is a guest driver vulnerability and not a\n vulnerability on the host. \n\n The HGFS.sys driver is present in the guest operating system if the\n VMware Tools package is loaded. Even if the host has HGFS disabled\n and has no shared folders, Windows-based guests may be affected. This\n is regardless if a host supports HGFS. \n\n This issue could be mitigated by removing the VMware Tools package\n from Windows based guests. However this is not recommended as it\n would impact usability of the product. \n\n NOTE: Installing the new hosted release or ESX patches will not\n remediate the issue. The VMware Tools packages will need\n to be updated on each Windows-based guest followed by a\n reboot of the guest system. \n\n VMware would like to thank iDefense and Stephen Fewer of Harmony\n Security for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2007-5671 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n Workstation 6.x Windows not affected\n Workstation 6.x Linux not affected\n Workstation 5.x Windows 5.5.6 build 80404 or later\n Workstation 5.x Linux 5.5.6 build 80404 or later\n\n Player 2.x Windows not affected\n Player 2.x Linux not affected\n Player 1.x Windows 1.0.6 build 80404 or later\n Player 1.x Linux 1.0.6 build 80404 or later\n\n ACE 2.x Windows not affected\n ACE 1.x Windows 1.0.5 build 79846 or later\n\n Server 1.x Windows 1.0.5 build 80187 or later\n Server 1.x Linux 1.0.5 build 80187 or later\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX not affected\n ESX 3.0.2 ESX ESX-1004727\n ESX 3.0.1 ESX ESX-1004186\n ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 5 or later\n ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 16 or later\n\n\n b. Privilege escalation on ESX or Linux based hosted operating systems\n\n This update fixes a security issue related to local exploitation of\n an untrusted library path vulnerability in vmware-authd. In order to\n exploit this vulnerability, an attacker must have local access and\n the ability to execute the set-uid vmware-authd binary on an affected\n system. Exploitation of this flaw might result in arbitrary code\n execution on the Linux host system by an unprivileged user. \n\n VMware would like to thank iDefense for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0967 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n Workstation 6.x Windows not affected\n Workstation 6.x Linux 6.0.4 build 93057\n Workstation 5.x Windows not affected\n Workstation 5.x Linux 5.5.7 build 91707\n\n Player 2.x Windows not affected\n Player 2.x Linux 2.0.4 build 93057\n Player 1.x Windows not affected\n Player 1.x Linux 1.0.7 build 91707\n\n ACE 2.x Windows not affected\n ACE 1.x Windows not affected\n\n Server 1.x Windows not affected\n Server 1.x Linux 1.0.6 build 91891\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi ESXe350-200805501-I-SG\n\n ESX 3.5 ESX ESX350-200805515-SG\n ESX 3.0.2 ESX ESX-1004821\n ESX 3.0.1 ESX ESX-1004728\n ESX 2.5.5 ESX ESX 2.5.5 update patch 8\n ESX 2.5.4 ESX ESX 2.5.4 update patch 19\n\n c. Openwsman Invalid Content-Length Vulnerability\n\n Openwsman is a system management platform that implements the Web\n Services Management protocol (WS-Management). It is installed and\n running by default. It is used in the VMware Management Service\n Console and in ESXi. \n\n The openwsman management service on ESX 3.5 and ESXi 3.5 is vulnerable\n to a privilege escalation vulnerability, which may allow users with\n non-privileged ESX or Virtual Center accounts to gain root privileges. \n\n To exploit this vulnerability, an attacker would need a local ESX\n account or a VirtualCenter account with the Host.Cim.CimInteraction\n permission. \n\n Systems with no local ESX accounts and no VirtualCenter accounts with\n the Host.Cim.CimInteraction permission are not vulnerable. \n\n This vulnerability cannot be exploited by users without valid login\n credentials. \n\n Discovery: Alexander Sotirov, VMware Security Research\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-2097 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi ESXe350-200805501-I-SG\n\n ESX 3.5 ESX ESX350-200805508-SG\n ESX 3.0.2 ESX not affected\n ESX 3.0.1 ESX not affected\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n NOTE: VMware hosted products are not affected by this issue. \n\n d. VMware VIX Application Programming Interface (API) Memory Overflow\nVulnerabilities\n\n The VIX API (also known as \"Vix\") is an API that lets users write scripts\n and programs to manipulate virtual machines. \n\n Multiple buffer overflow vulnerabilities are present in the VIX API. \n Exploitation of these vulnerabilities might result in code execution on\n the host system or on the service console in ESX Server from the guest\n operating system. \n\n The VIX API can be enabled and disabled using the \"vix.inGuest.enable\"\n setting in the VMware configuration file. This default value for this\n setting is \"disabled\". This configuration setting is present in the\n following products:\n VMware Workstation 6.0.2 and higher\n VMware ACE 6.0.2 and higher\n VMware Server 1.06 and higher\n VMware Fusion 1.1.2 and higher\n ESX Server 3.0 and higher\n ESX Server 3.5 and higher\n In previous versions of VMware products where the VIX API was introduced,\n the VIX API couldn't be disabled. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-2100 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n VIX API 1.1.x Windows VMware-vix-1.1.4-93057.exe\n VIX API 1.1.x Linux VMware-vix-1.1.4-93057.i386.tar.gz\n VIX API 1.1.x Linux64 VMware-vix-1.1.4-93057.x86_64.tar.gz\n\n Workstation 6.x Windows 6.0.4 build 93057\n Workstation 6.x Linux 6.0.4 build 93057\n Workstation 5.x Windows 5.5.7 build 91707\n Workstation 5.x Linux 5.5.7 build 91707\n\n Player 2.x Windows 2.0.4 build 93057\n Player 2.x Linux 2.0.4 build 93057\n Player 1.x Windows 1.0.6 build 91707\n Player 1.x Linux 1.0.6 build 91707\n\n ACE 2.x Windows 2.0.4 build 93057\n ACE 1.x Windows not affected\n\n Server 1.x Windows 1.0.6 build 91891\n Server 1.x Linux 1.0.6 build 91891\n\n Fusion 1.x Mac OS/X 1.1.2 build 87978 or later\n\n ESXi 3.5 ESXi ESXe350-200805501-I-SG,\n ESXe350-200805502-T-SG\n\n ESX 3.5 ESX ESX350-200805501-BG\n ESX 3.0.2 ESX ESX-1004216, ESX-1004726, ESX-1004727\n ESX 3.0.1 ESX ESX-1004186, ESX-1004725\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n\nII Service Console rpm updates\n\n NOTE: ESXi and hosted products are not affected by any service console\n security updates\n\n a. Security update for cyrus-sasl\n\n Updated cyrus-sasl package for the ESX Service Console corrects a security\n issue found in the DIGEST-MD5 authentication mechanism of Cyrus'\n implementation of Simple Authentication and Security Layer (SASL). As a\n result of this issue in the authentication mechanism, a remote\n unauthenticated attacker might be able to cause a denial of service error\n on the service console. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2006-1721 to this issue. \n\n RPMs Updated:\n cyrus-sasl-2.1.15-15.i386.rpm\n cyrus-sasl-md5-2.1.15-1.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805504-SG\n ESX 3.0.2 ESX ESX-1004722\n ESX 3.0.1 ESX ESX-1004721\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n b. Security update for tcltk\n\n An input validation flaw was discovered in Tk's GIF image handling. A\n code-size value read from a GIF image was not properly validated before\n being used, leading to a buffer overflow. A specially crafted GIF file\n could use this to cause a crash or, potentially, execute code with the\n privileges of the application using the Tk graphical toolkit. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2008-0553 to this issue. \n\n A buffer overflow flaw was discovered in Tk's animated GIF image handling. \n An animated GIF containing an initial image smaller than subsequent images\n could cause a crash or, potentially, execute code with the privileges of\n the application using the Tk library. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2007-5378 to this issue. \n\n A flaw first discovered in the Tcl regular expression engine used in the\n PostgreSQL database server, resulted in an infinite loop when processing\n certain regular expressions. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2007-4772 to this issue. \n\n RPM Updated:\n tcl-8.3.5-92.8.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805506-SG\n ESX 3.0.2 ESX ESX-1004724\n ESX 3.0.1 ESX ESX-1004723\n ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8\n ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19\n\n c. Security update for unzip\n\n This patch includes a moderate security update to the service console that\n fixes a flaw in unzip. An attacker could execute malicious code with a\n user's privileges if the user ran unzip on a file designed to leverage\n this flaw. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2008-0888 to this issue. \n\n RPM Updated:\n Unzip-5.50-36.EL3.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805505-SG\n ESX 3.0.2 ESX ESX-1004719\n ESX 3.0.1 ESX ESX-1004190\n ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8\n ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19\n\n d. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0062 to this issue. \n\n NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable\n to this issue. \n\n NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable\n to this issue. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0948 to this issue. \n\n RPM Updated:\n krb5-libs-1.2.7-68.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805507-SG\n ESX 3.0.2 ESX ESX-1004219\n ESX 3.0.1 ESX ESX-1004189\n ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8\n ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19\n\n4. Solution:\n\nPlease review the release notes for your product and version and verify the\nmd5sum of your downloaded file. \n\n VMware Workstation 6.0.4\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n\n Windows binary\n md5sum: f50a05831e94c19d98f363c752fca5f9\n\n RPM Installation file for 32-bit Linux\n md5sum: e7793b14b995d3b505f093c84e849421\n\n tar Installation file for 32-bit Linux\n md5sum: a0a8e1d8188f4be03357872a57a767ab\n\n RPM Installation file for 64-bit Linux\n md5sum: 960d753038a268b8f101f4b853c0257e\n\n tar Installation file for 64-bit Linux\n md5sum: 4697ec8a9d6c1152d785f3b77db9d539\n\n VMware Workstation 5.5.7\n ------------------------\n http://www.vmware.com/download/ws/ws5.html\n Release notes:\n http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n\n Windows binary:\n md5sum: 4c6a6653b7296240197aac048591c659\n\n Compressed Tar archive for 32-bit Linux\n md5sum: 8fc15d72031489cf5cd5d47b966787e6\n\n Linux RPM version for 32-bit Linux\n md5sum: f0872fe447ac654a583af16b2f4bba3f\n\n\n VMware Player 2.0.4 and 1.0.7\n -----------------------------\n http://www.vmware.com/download/player/\n Release notes Player 1.x:\n http://www.vmware.com/support/player/doc/releasenotes_player.html\n Release notes Player 2.0\n http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n\n 2.0.4 Windows binary\n md5sum: a117664a8bfa7336b846117e5fc048dd\n\n VMware Player 2.0.4 for Linux (.rpm)\n md5sum: de6ab6364a0966b68eadda2003561cd2\n\n VMware Player 2.0.4 for Linux (.tar)\n md5sum: 9e1c2bfda6b22a3fc195a86aec11903a\n\n VMware Player 2.0.4 - 64-bit (.rpm)\n md5sum: 997e5ceffe72f9ce9146071144dacafa\n\n VMware Player 2.0.4 - 64-bit (.tar)\n md5sum: 18eb4ee49dd7e33ec155ef69d7d259ef\n\n 1.0.7 Windows binary\n md5sum: 51114b3b433dc1b3bf3e434aebbf2b9c\n\n Player 1.0.7 for Linux (.rpm)\n md5sum: 3b5f97a37df3b984297fa595a5cdba9c\n\n Player 1.0.7 for Linux (.tar)\n md5sum: b755739144944071492a16fa20f86a51\n\n\n VMware ACE\n ----------\n http://www.vmware.com/download/ace/\n Release notes 2.0:\n http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n VMware-workstation-6.0.4-93057.exe\n md5sum: f50a05831e94c19d98f363c752fca5f9\n\n VMware-ACE-Management-Server-Appliance-2.0.4-93057.zip\n md5sum: d2ae2246f3d87268cf84c1421d94e86c\n\n VMware-ACE-Management-Server-2.0.4-93057.exe\n md5sum: 41b31b3392d5da2cef77a7bb28654dbf\n\n VMware-ACE-Management-Server-2.0.4-93057.i386-rhel4.rpm\n md5sum: 9920be4c33773df53a1728b41af4b109\n\n VMware-ACE-Management-Server-2.0.4-93057.i386-sles9.rpm\n md5sum: 4ec4c37203db863e8844460b5e80920b\n\n Release notes 1.x:\n http://www.vmware.com/support/ace/doc/releasenotes_ace.html\n\n VMware-ACE-1.0.6-89199.exe\n md5sum: 110f6e24842a0d154d9ec55ef9225f4f\n\n\n VMware Server 1.0.6\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server/doc/releasenotes_server.html\n\n VMware Server for Windows 32-bit and 64-bit\n md5sum: 3e00d5cfae123d875e4298bddabf12f5\n\n VMware Server Windows client package\n md5sum: 64f3fc1b4520626ae465237d7ec4773e\n\n VMware Server for Linux\n md5sum: 46ea876bfb018edb6602a921f6597245\n\n VMware Server for Linux rpm\n md5sum: 9d2f0af908aba443ef80bec8f7ef3485\n\n Management Interface\n md5sum: 1b3daabbbb49a036fe49f53f812ef64b\n\n VMware Server Linux client package\n md5sum: 185e5b174659f366fcb38b1c4ad8d3c6\n\n\n VMware Fusion 1.1.3\n --------------\n http://www.vmware.com/download/fusion/\n Release notes:\n http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n md5sum: D15A3DFD3E7B11FC37AC684586086D\n\n\n VMware VIX 1.1.4\n ----------------\n http://www.vmware.com/support/developer/vix-api/\n Release notes:\n http://www.vmware.com/support/pubs/vix-api/VIXAPI-1.1.4-Release-Notes.html\n VMware-vix-1.1.4-93057.exe\n md5sum: 2efb74618c7ead627ecb3b3033e3f9f6\n\n VMware-vix-1.1.4-93057.i386.tar.gz\n md5sum: 988df2b2bbc975a6fc11f27ad1519832\n\n VMware-vix-1.1.4-93057.x86_64.tar.gz\n md5sum: a64f951c6fb5b2795a29a5a7607059c0\n\n\n ESXi\n ----\n VMware ESXi 3.5 patch ESXe350-200805501-O-SG (authd, openwsman, VIX)\n http://download3.vmware.com/software/esx/ESXe350-200805501-O-SG.zip\n md5sum: 4ce06985d520e94243db1e0504a56d8c\n http://kb.vmware.com/kb/1005073\n http://kb.vmware.com/kb/1004173\n http://kb.vmware.com/kb/1004172\n\n NOTE: ESXe350-200805501-O-SG contains the following patch bundles:\n ESXe350-200805501-I-SG, ESXe350-200805502-T-SG,\n ESXe350-200805503-C-SG\n\n\n ESX\n ---\n VMware ESX 3.5 patch ESX350-200805515-SG (authd)\n http://download3.vmware.com/software/esx/ESX350-200805515-SG.zip\n md5sum: 324b50ade230bcd5079a76e3636163c5\n http://kb.vmware.com/kb/1004170\n\n VMware ESX 3.5 patch ESX350-200805508-SG (openwsman)\n http://download3.vmware.com/software/esx/ESX350-200805508-SG.zip\n md5sum: 3ff8c06d4a9dd406f64f89c51bf26d12\n http://kb.vmware.com/kb/1004644\n\n VMware ESX 3.5 patch ESX350-200805501-BG (VIX)\n http://download3.vmware.com/software/esx/ESX350-200805501-BG.zip\n md5sum: 31a620aa249c593c30015b5b6f8c8650\n http://kb.vmware.com/kb/1004637\n\n VMware ESX 3.5 patch ESX350-200805504-SG (cyrus-sasl)\n http://download3.vmware.com/software/esx/ESX350-200805504-SG.zip\n md5sum: 4c1b1a8dcb09a636b55c64c290f7de51\n http://kb.vmware.com/kb/1004640\n\n VMware ESX 3.5 patch ESX350-200805506-SG (tcltk)\n http://download3.vmware.com/software/esx/ESX350-200805506-SG.zip\n md5sum: af279eef8fdeddb7808630da1ae717b1\n http://kb.vmware.com/kb/1004642\n\n VMware ESX 3.5 patch ESX350-200805505-SG (unzip)\n http://download3.vmware.com/software/esx/ESX350-200805505-SG.zip\n md5sum: 07af82d9fd97cccb89d9b90c6ecc41c6\n http://kb.vmware.com/kb/1004641\n\n VMware ESX 3.5 patch ESX350-200805507-SG (krb5)\n http://download3.vmware.com/software/esx/ESX350-200805507-SG.zip\n md5sum: 5d35a1c470daf13c9f4df5bdc9438748\n http://kb.vmware.com/kb/1004643\n\n VMware ESX 3.0.2 patch ESX-1004727 (HGFS,VIX)\n http://download3.vmware.com/software/vi/ESX-1004727.tgz\n md5sum: 31a67b0fa3449747887945f8d370f19e\n http://kb.vmware.com/kb/1004727\n\n VMware ESX 3.0.2 patch ESX-1004821 (authd)\n http://download3.vmware.com/software/vi/ESX-1004821.tgz\n md5sum: 5c147bedd07245c903d44257522aeba1\n http://kb.vmware.com/kb/1004821\n\n VMware ESX 3.0.2 patch ESX-1004216 (VIX)\n http://download3.vmware.com/software/vi/ESX-1004216.tgz\n md5sum: 0784ef70420d28a9a5d6113769f6669a\n http://kb.vmware.com/kb/1004216\n\n VMware ESX 3.0.2 patch ESX-1004726 (VIX)\n http://download3.vmware.com/software/vi/ESX-1004726.tgz\n md5sum: 44f03b274867b534cd274ccdf4630b86\n http://kb.vmware.com/kb/1004726\n\n VMware ESX 3.0.2 patch ESX-1004722 (cyrus-sasl)\n http://download3.vmware.com/software/vi/ESX-1004722.tgz\n md5sum: 99dc71aed5bab7711f573b6d322123d6\n http://kb.vmware.com/kb/1004722\n\n VMware ESX 3.0.2 patch ESX-1004724 (tcltk)\n http://download3.vmware.com/software/vi/ESX-1004724.tgz\n md5sum: fd9a160ca7baa5fc443f2adc8120ecf7\n http://kb.vmware.com/kb/1004724\n\n VMware ESX 3.0.2 patch ESX-1004719 (unzip)\n http://download3.vmware.com/software/vi/ESX-1004719.tgz\n md5sum: f0c37b9f6be3399536d60f6c6944de82\n http://kb.vmware.com/kb/1004719\n\n VMware ESX 3.0.2 patch ESX-1004219 (krb5)\n http://download3.vmware.com/software/vi/ESX-1004219.tgz\n md5sum: 7c68279762f407a7a5ee151a650ebfd4\n http://kb.vmware.com/kb/1004219\n\n VMware ESX 3.0.1 patch ESX-1004186 (HGFS,VIX)\n http://download3.vmware.com/software/vi/ESX-1004186.tgz\n md5sum: f64389a8b97718eccefadce1a14d1198\n http://kb.vmware.com/kb/1004186\n\n VMware ESX 3.0.1 patch ESX-1004728 (authd)\n http://download3.vmware.com/software/vi/ESX-1004728.tgz\n md5sum: 1f01bb819805b855ffa2ec1040eff5ca\n http://kb.vmware.com/kb/1004728\n\n VMware ESX 3.0.1 patch ESX-1004725 (VIX)\n http://download3.vmware.com/software/vi/ESX-1004725.tgz\n md5sum: 9fafb04c6d3f6959e623832f539d2dc8\n http://kb.vmware.com/kb/1004725\n\n VMware ESX 3.0.1 patch ESX-1004721 (cyrus-sasl)\n http://download3.vmware.com/software/vi/ESX-1004721.tgz\n md5sum: 48190819b0f5afddefcb8d209d12b585\n http://kb.vmware.com/kb/1004721\n\n VMware ESX 3.0.1 patch ESX-1004723 (tcltk)\n http://download3.vmware.com/software/vi/ESX-1004723.tgz\n md5sum: c34ca0a5886e0c0917a93a97c331fd7d\n http://kb.vmware.com/kb/1004723\n\n VMware ESX 3.0.1 patch ESX-1004190 (unzip)\n http://download3.vmware.com/software/vi/ESX-1004190.tgz\n md5sum: 05187b9f534048c79c62741367cc0dd2\n http://kb.vmware.com/kb/1004190\n\n VMware ESX 3.0.1 patch ESX-1004189 (krb5)\n http://download3.vmware.com/software/vi/ESX-1004189.tgz\n md5sum: 21b620530b99009f469c872e73a439e8\n http://kb.vmware.com/kb/1004189\n\n VMware ESX 2.5.5 Upgrade Patch 8\n http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz\n md5sum: 392b6947fc3600ca0e8e7788cd5bbb6e\n http://vmware.com/support/esx25/doc/esx-255-200805-patch.html\n\n VMware ESX 2.5.4 Upgrade Patch 19\n http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz\n md5sum: 442788fd0bccb0d994c75b268bd12760\n http://vmware.com/support/esx25/doc/esx-254-200805-patch.html\n\n5. References:\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5671\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0967\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2097\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2100\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1721\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948\n\n6. Change log:\n\n2008-06-04 VMSA-2008-0009 Initial release\n\n- -------------------------------------------------------------------\n7. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce@lists.vmware.com\n * bugtraq@securityfocus.com\n * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFIRs08S2KysvBH1xkRCMxFAJ0WJX76quFzCV+avwupq3Lu72UKigCfRftj\nCZvxoXw/sZxDCSDjVzYAhrA=\n=s04s\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200803-31\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: MIT Kerberos 5: Multiple vulnerabilities\n Date: March 24, 2008\n Bugs: #199205, #212363\n ID: 200803-31\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilites have been found in MIT Kerberos 5, which could\nallow a remote unauthenticated user to execute arbitrary code with root\nprivileges. \n\nBackground\n==========\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. kadmind is the MIT Kerberos 5 administration daemon,\nKDC is the Key Distribution Center. \n\n* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the\n RPC library server code, used in the kadmin server, caused when too\n many file descriptors are opened (CVE-2008-0947). \n\n* Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI\n library: usage of a freed variable in the gss_indicate_mechs()\n function (CVE-2007-5901) and a double free() vulnerability in the\n gss_krb5int_make_seal_token_v3() function (CVE-2007-5971). These bugs can only be triggered when Kerberos 4 support is\nenabled. \n\nThe RPC related vulnerability can be exploited by a remote\nunauthenticated attacker to crash kadmind, and theoretically execute\narbitrary code with root privileges or cause database corruption. This\nbug can only be triggered in configurations that allow large numbers of\nopen file descriptors in a process. \n\nWorkaround\n==========\n\nKerberos 4 support can be disabled via disabling the \"krb4\" USE flag\nand recompiling the ebuild, or setting \"v4_mode=none\" in the\n[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around\nthe KDC related vulnerabilities. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.6.3-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 3 ] CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n [ 4 ] CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n [ 5 ] CVE-2008-0947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200803-31.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", sources: [ { db: "NVD", id: "CVE-2008-0062", }, { db: "CERT/CC", id: "VU#895609", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "VULHUB", id: "VHN-30187", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64848", }, ], trust: 3.06, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-30187", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-30187", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2008-0062", trust: 4, }, { db: "CERT/CC", id: "VU#895609", trust: 3.3, }, { db: "BID", id: "28303", trust: 2.5, }, { db: "SECUNIA", id: "29428", trust: 1.9, }, { db: "SECUNIA", id: "29457", trust: 1.7, }, { db: "SECUNIA", id: "29451", trust: 1.7, }, { db: "SECUNIA", id: "29663", trust: 1.7, }, { db: "SECUNIA", id: "30535", trust: 1.7, }, { db: "SECUNIA", id: "29462", trust: 1.7, }, { db: "SECUNIA", id: "29516", trust: 1.7, }, { db: "SECUNIA", id: "29450", trust: 1.7, }, { db: "SECUNIA", id: "29464", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-0924", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-0922", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-1744", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-1102", trust: 1.7, }, { db: "SECTRACK", id: "1019626", trust: 1.7, }, { db: "SECUNIA", id: "29424", trust: 1.1, }, { db: "SECUNIA", id: "29435", trust: 1.1, }, { db: "SECUNIA", id: "29423", trust: 1.1, }, { db: "SECUNIA", id: "29438", trust: 1.1, }, { db: "SECUNIA", id: "29420", trust: 1.1, }, { db: "USCERT", id: "TA08-079A", trust: 0.8, }, { db: "USCERT", id: "TA08-079B", trust: 0.8, }, { db: "USCERT", id: "SA08-079A", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2008-001186", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200803-309", trust: 0.7, }, { db: "BUGTRAQ", id: "20080318 MITKRB5-SA-2008-001: DOUBLE-FREE, UNINITIALIZED DATA VULNERABILITIES IN KRB5KDC", trust: 0.6, }, { db: "BUGTRAQ", id: "20080319 RPSA-2008-0112-1 KRB5 KRB5-SERVER KRB5-SERVICES KRB5-TEST KRB5-WORKSTATION", trust: 0.6, }, { db: "BUGTRAQ", id: "20080604 VMSA-2008-0009 UPDATES TO VMWARE WORKSTATION, VMWARE PLAYER, VMWARE ACE, VMWARE FUSION, VMWARE SERVER, VMWARE VIX API, VMWARE ESX, VMWARE ESXI RESOLVE CRITICAL SECURITY ISSUES", trust: 0.6, }, { db: "CONFIRM", id: "HTTP://WIKI.RPATH.COM/WIKI/ADVISORIES:RPSA-2008-0112", trust: 0.6, }, { db: "CONFIRM", id: "HTTP://SUPPORT.NOVELL.COM/DOCS/READMES/INFODOCUMENT/PATCHBUILDER/README_5022520.HTML", trust: 0.6, }, { db: "CONFIRM", id: "HTTP://SUPPORT.NOVELL.COM/DOCS/READMES/INFODOCUMENT/PATCHBUILDER/README_5022542.HTML", trust: 0.6, }, { db: "CONFIRM", id: "HTTP://WIKI.RPATH.COM/ADVISORIES:RPSA-2008-0112", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0164", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0181", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0180", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0182", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:069", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:070", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:071", trust: 0.6, }, { db: "XF", id: "41275", trust: 0.6, }, { db: "XF", id: "5", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2637", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2647", trust: 0.6, }, { db: "GENTOO", id: "GLSA-200803-31", trust: 0.6, }, { db: "APPLE", id: "APPLE-SA-2008-03-18", trust: 0.6, }, { db: "UBUNTU", id: "USN-587-1", trust: 0.6, }, { db: "DEBIAN", id: "DSA-1524", trust: 0.6, }, { db: "PACKETSTORM", id: "64708", trust: 0.2, }, { db: "PACKETSTORM", id: "64688", trust: 0.2, }, { db: "PACKETSTORM", id: "64731", trust: 0.2, }, { db: "PACKETSTORM", id: "64714", trust: 0.1, }, { db: "PACKETSTORM", id: "101247", trust: 0.1, }, { db: "VULHUB", id: "VHN-30187", trust: 0.1, }, { db: "PACKETSTORM", id: "64730", trust: 0.1, }, { db: "PACKETSTORM", id: "64729", trust: 0.1, }, { db: "PACKETSTORM", id: "67011", trust: 0.1, }, { db: "PACKETSTORM", id: "64848", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "VULHUB", id: "VHN-30187", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64848", }, { db: "CNNVD", id: "CNNVD-200803-309", }, { db: "NVD", id: "CVE-2008-0062", }, ], }, id: "VAR-200803-0027", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-30187", }, ], trust: 0.01, }, last_update_date: "2024-07-23T20:14:54.642000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "RHSA-2008", trust: 0.8, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-001.txt", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2008-001186", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-665", trust: 1, }, { problemtype: "Improper initialization (CWE-665) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-189", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-30187", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "NVD", id: "CVE-2008-0062", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://www.securityfocus.com/bid/28303", }, { trust: 2.5, url: "http://www.kb.cert.org/vuls/id/895609", }, { trust: 2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-001.txt", }, { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/489761", }, { trust: 1.7, url: "http://docs.info.apple.com/article.html?artnum=307562", }, { trust: 1.7, url: "http://support.novell.com/docs/readmes/infodocument/patchbuilder/readme_5022520.html", }, { trust: 1.7, url: "http://support.novell.com/docs/readmes/infodocument/patchbuilder/readme_5022542.html", }, { trust: 1.7, url: "http://wiki.rpath.com/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://www.vmware.com/security/advisories/vmsa-2008-0009.html", }, { trust: 1.7, url: "http://www.debian.org/security/2008/dsa-1524", }, { trust: 1.7, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00537.html", }, { trust: 1.7, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00544.html", }, { trust: 1.7, url: "http://www.gentoo.org/security/en/glsa/glsa-200803-31.xml", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:069", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:070", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:071", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0164.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0180.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0181.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0182.html", }, { trust: 1.7, url: "http://www.securitytracker.com/id?1019626", }, { trust: 1.7, url: "http://secunia.com/advisories/29450", }, { trust: 1.7, url: "http://secunia.com/advisories/29451", }, { trust: 1.7, url: "http://secunia.com/advisories/29457", }, { trust: 1.7, url: "http://secunia.com/advisories/29462", }, { trust: 1.7, url: "http://secunia.com/advisories/29464", }, { trust: 1.7, url: "http://secunia.com/advisories/29516", }, { trust: 1.7, url: "http://secunia.com/advisories/29663", }, { trust: 1.7, url: "http://secunia.com/advisories/30535", }, { trust: 1.7, url: "http://www.ubuntu.com/usn/usn-587-1", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/489883/100/0/threaded", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/493080/100/0/threaded", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9496", }, { trust: 1.1, url: "http://secunia.com/advisories/29420", }, { trust: 1.1, url: "http://secunia.com/advisories/29423", }, { trust: 1.1, url: "http://secunia.com/advisories/29424", }, { trust: 1.1, url: "http://secunia.com/advisories/29428", }, { trust: 1.1, url: "http://secunia.com/advisories/29435", }, { trust: 1.1, url: "http://secunia.com/advisories/29438", }, { trust: 1.1, url: "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/0922/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/1102/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/1744", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41275", }, { trust: 1, url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { trust: 0.8, url: "about vulnerability notes", }, { trust: 0.8, url: "contact us about this vulnerability", }, { trust: 0.8, url: "provide a vendor statement", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079b/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079b/index.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0062", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/alerts/sa08-079a.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079a.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079b.html", }, { trust: 0.8, url: "http://secunia.com/advisories/29428/", }, { trust: 0.8, url: "http://www.frsirt.com/english/advisories/2008/0922", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0062", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0063", }, { trust: 0.6, url: "http://xforce.iss.net/xforce/xfdb/41275", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/1744", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/1102/references", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/0924/references", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/0922/references", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0947", }, { trust: 0.5, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0062", }, { trust: 0.5, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0063", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 0.3, url: "http://www.mandriva.com/security/", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0947", }, { trust: 0.3, url: "http://secunia.com/", }, { trust: 0.3, url: "http://www.mandriva.com/security/advisories", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.3, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-002.txt", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.1, url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.1-7ubuntu0.1_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.4-5ubuntu3.4_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.7_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.6_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://www.debian.org/security/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://packages.debian.org/<pkg>", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004189", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805515-sg.zip", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004723", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004644", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004642", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004219", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004725", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1055", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0553", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004722.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004719.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004219.tgz", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0948", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5378", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5378", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004724.tgz", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0967", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004719", }, { trust: 0.1, url: "http://www.vmware.com/support/server/doc/releasenotes_server.html", }, { trust: 0.1, url: "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", }, { trust: 0.1, url: "http://www.vmware.com/support/developer/vix-api/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004172", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004725.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004727.tgz", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004641", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004724", }, { trust: 0.1, url: "http://www.vmware.com/support/policies/eos_vi.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5671", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004170", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004726.tgz", }, { trust: 0.1, url: "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805501-bg.zip", }, { trust: 0.1, url: "http://www.vmware.com/download/player/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004721", }, { trust: 0.1, url: "http://www.vmware.com/security", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2097", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004722", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004727", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004821", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz", }, { trust: 0.1, url: "http://www.vmware.com/download/ws/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004637", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0888", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004821.tgz", }, { trust: 0.1, url: "http://vmware.com/support/esx25/doc/esx-255-200805-patch.html", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004721.tgz", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5671", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0553", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1005073", }, { trust: 0.1, url: "http://www.vmware.com/support/policies/eos.html", }, { trust: 0.1, url: "http://www.vmware.com/download/server/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004186", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004186.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004723.tgz", }, { trust: 0.1, url: "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2097", }, { trust: 0.1, url: "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805508-sg.zip", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805505-sg.zip", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2006-1721", }, { trust: 0.1, url: "http://www.vmware.com/support/player/doc/releasenotes_player.html", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004173", }, { trust: 0.1, url: "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", }, { trust: 0.1, url: "http://www.vmware.com/download/ws/ws5.html", }, { trust: 0.1, url: "http://www.vmware.com/download/fusion/", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-4772", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004643", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1721", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0948", }, { trust: 0.1, url: "http://www.vmware.com/support/policies/security_response.html", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004216.tgz", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004728", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004728.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004189.tgz", }, { trust: 0.1, url: "http://www.vmware.com/support/pubs/vix-api/vixapi-1.1.4-release-notes.html", }, { trust: 0.1, url: "http://www.vmware.com/download/ace/", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004190.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esxe350-200805501-o-sg.zip", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2100", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004216", }, { trust: 0.1, url: "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004190", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004726", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0888", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004640", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2100", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805506-sg.zip", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805504-sg.zip", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4772", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805507-sg.zip", }, { trust: 0.1, url: "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", }, { trust: 0.1, url: "http://vmware.com/support/esx25/doc/esx-254-200805-patch.html", }, { trust: 0.1, url: "http://bugs.gentoo.org.", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200803-31.xml", }, { trust: 0.1, url: "http://security.gentoo.org/", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "VULHUB", id: "VHN-30187", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64848", }, { db: "CNNVD", id: "CNNVD-200803-309", }, { db: "NVD", id: "CVE-2008-0062", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#895609", }, { db: "VULHUB", id: "VHN-30187", }, { db: "JVNDB", id: "JVNDB-2008-001186", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64848", }, { db: "CNNVD", id: "CNNVD-200803-309", }, { db: "NVD", id: "CVE-2008-0062", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2008-03-19T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2008-03-19T00:00:00", db: "VULHUB", id: "VHN-30187", }, { date: "2008-04-03T00:00:00", db: "JVNDB", id: "JVNDB-2008-001186", }, { date: "2008-03-19T22:47:40", db: "PACKETSTORM", id: "64708", }, { date: "2008-03-19T23:37:11", db: "PACKETSTORM", id: "64730", }, { date: "2008-03-19T02:26:54", db: "PACKETSTORM", id: "64688", }, { date: "2008-03-19T23:35:04", db: "PACKETSTORM", id: "64729", }, { date: "2008-03-19T23:38:22", db: "PACKETSTORM", id: "64731", }, { date: "2008-06-05T01:56:09", db: "PACKETSTORM", id: "67011", }, { date: "2008-03-24T22:48:28", db: "PACKETSTORM", id: "64848", }, { date: "2008-03-19T00:00:00", db: "CNNVD", id: "CNNVD-200803-309", }, { date: "2008-03-19T10:44:00", db: "NVD", id: "CVE-2008-0062", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2018-10-15T00:00:00", db: "VULHUB", id: "VHN-30187", }, { date: "2024-02-28T07:01:00", db: "JVNDB", id: "JVNDB-2008-001186", }, { date: "2008-10-11T00:00:00", db: "CNNVD", id: "CNNVD-200803-309", }, { date: "2024-02-09T00:42:52.807000", db: "NVD", id: "CVE-2008-0062", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64688", }, { db: "CNNVD", id: "CNNVD-200803-309", }, ], trust: 0.8, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos krb4-enabled KDC contains multiple vulnerabilities", sources: [ { db: "CERT/CC", id: "VU#895609", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "digital error", sources: [ { db: "CNNVD", id: "CNNVD-200803-309", }, ], trust: 0.6, }, }
var-201408-0299
Vulnerability from variot
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a program to crash, resulting in denial-of-service conditions. Versions prior to Kerberos 5 1.12.2 are vulnerable.
CVE-2014-4343
An unauthenticated remote attacker with the ability to spoof packets
appearing to be from a GSSAPI acceptor can cause a double-free
condition in GSSAPI initiators (clients) which are using the SPNEGO
mechanism, by returning a different underlying mechanism than was
proposed by the initiator.
For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2.
For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. ========================================================================== Ubuntu Security Notice USN-2310-1 August 11, 2014
krb5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Kerberos. This issue only affected Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2014-4344)
Tomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon incorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: krb5-admin-server 1.12+dfsg-2ubuntu4.2 krb5-kdc 1.12+dfsg-2ubuntu4.2 krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2 krb5-otp 1.12+dfsg-2ubuntu4.2 krb5-pkinit 1.12+dfsg-2ubuntu4.2 krb5-user 1.12+dfsg-2ubuntu4.2 libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2 libgssrpc4 1.12+dfsg-2ubuntu4.2 libk5crypto3 1.12+dfsg-2ubuntu4.2 libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2 libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2 libkdb5-7 1.12+dfsg-2ubuntu4.2 libkrad0 1.12+dfsg-2ubuntu4.2 libkrb5-3 1.12+dfsg-2ubuntu4.2 libkrb5support0 1.12+dfsg-2ubuntu4.2
Ubuntu 12.04 LTS: krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5 krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5 krb5-user 1.10+dfsg~beta1-2ubuntu0.5 libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5 libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5 libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5 libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5 libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5 libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5
Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.13 krb5-kdc 1.8.1+dfsg-2ubuntu0.13 krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13 krb5-pkinit 1.8.1+dfsg-2ubuntu0.13 krb5-user 1.8.1+dfsg-2ubuntu0.13 libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13 libgssrpc4 1.8.1+dfsg-2ubuntu0.13 libk5crypto3 1.8.1+dfsg-2ubuntu0.13 libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13 libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13 libkdb5-4 1.8.1+dfsg-2ubuntu0.13 libkrb5-3 1.8.1+dfsg-2ubuntu0.13 libkrb5support0 1.8.1+dfsg-2ubuntu0.13
In general, a standard system update will make all the necessary changes. The verification of md5 checksums and GPG signatures is performed automatically for you. (CVE-2014-4341)
This update also fixes the following bugs:
-
Prior to this update, the libkrb5 library occasionally attempted to free already freed memory when encrypting credentials. As a consequence, the calling process terminated unexpectedly with a segmentation fault. With this update, libkrb5 frees memory correctly, which allows the credentials to be encrypted appropriately and thus prevents the mentioned crash. (BZ#1004632)
-
Previously, when the krb5 client library was waiting for a response from a server, the timeout variable in certain cases became a negative number. Consequently, the client could enter a loop while checking for responses. With this update, the client logic has been modified and the described error no longer occurs. After installing the updated packages, the krb5kdc daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: krb5 security, bug fix and enhancement update Advisory ID: RHSA-2015:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html Issue date: 2015-03-05 CVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 =====================================================================
- Summary:
Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)
A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345)
A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352)
If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421)
It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)
An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423)
Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)
Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352.
The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including:
-
Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts.
-
When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995)
This update also fixes multiple bugs, for example:
- The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102)
In addition, this update adds various enhancements. Among others:
-
Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)
-
Solution:
All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
ppc64: krb5-debuginfo-1.12.2-14.el7.ppc.rpm krb5-debuginfo-1.12.2-14.el7.ppc64.rpm krb5-devel-1.12.2-14.el7.ppc.rpm krb5-devel-1.12.2-14.el7.ppc64.rpm krb5-libs-1.12.2-14.el7.ppc.rpm krb5-libs-1.12.2-14.el7.ppc64.rpm krb5-pkinit-1.12.2-14.el7.ppc64.rpm krb5-server-1.12.2-14.el7.ppc64.rpm krb5-server-ldap-1.12.2-14.el7.ppc64.rpm krb5-workstation-1.12.2-14.el7.ppc64.rpm
s390x: krb5-debuginfo-1.12.2-14.el7.s390.rpm krb5-debuginfo-1.12.2-14.el7.s390x.rpm krb5-devel-1.12.2-14.el7.s390.rpm krb5-devel-1.12.2-14.el7.s390x.rpm krb5-libs-1.12.2-14.el7.s390.rpm krb5-libs-1.12.2-14.el7.s390x.rpm krb5-pkinit-1.12.2-14.el7.s390x.rpm krb5-server-1.12.2-14.el7.s390x.rpm krb5-server-ldap-1.12.2-14.el7.s390x.rpm krb5-workstation-1.12.2-14.el7.s390x.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-4341 https://access.redhat.com/security/cve/CVE-2014-4342 https://access.redhat.com/security/cve/CVE-2014-4343 https://access.redhat.com/security/cve/CVE-2014-4344 https://access.redhat.com/security/cve/CVE-2014-4345 https://access.redhat.com/security/cve/CVE-2014-5352 https://access.redhat.com/security/cve/CVE-2014-5353 https://access.redhat.com/security/cve/CVE-2014-9421 https://access.redhat.com/security/cve/CVE-2014-9422 https://access.redhat.com/security/cve/CVE-2014-9423 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi gZD8EL2lSaLXnIQxca8zLTg= =aK0y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)
These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201408-0299", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "linux", scope: "eq", trust: 1.6, vendor: "debian", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.3", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.2", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.3", }, { model: "enterprise linux hpc node", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.5", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.4", }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "1.5.x from 1.12.x", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.12.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.4", }, { model: "big-ip apm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura session manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "3.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.0", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.4", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.13", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "centos", scope: "eq", trust: 0.3, vendor: "centos", version: "5", }, { model: "proactive contact", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.8.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.8", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.3", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.9.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.4", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1", }, { model: "one-x client enablement services sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "aura application server sip core pb19", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.4", }, { model: "aura conferencing standard edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.2", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1x8664", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.3", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.1", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.10", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1.0.9", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.4", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.9.5", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura communication manager utility services sp", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.16.1.0.9.8", }, { model: "aura application server sip core", scope: "eq", trust: 0.3, vendor: "avaya", version: "53003.0", }, { model: "aura application server sip core pb25", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.0", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.7", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.4", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.3", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.2", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.5", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.2", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1.1", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.5", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.3", }, { model: "aura system manager sp3", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura system platform sp3", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.4.0.15", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura system platform sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.2", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "big-ip apm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura system platform sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.11.2", }, { model: "aura application server sip core pb3", scope: "eq", trust: 0.3, vendor: "avaya", version: "53003.0", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.3", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "cms r17", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.3", }, { model: "proactive contact", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "7", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "aura application server sip core pb26", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.4", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.4", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura application server sip core pb28", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "aura application server sip core", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "big-ip edge gateway hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.8.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "meeting exchange", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.0.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.12", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.2.5", }, { model: "aura communication manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.0.9.8", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.1", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "7.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura application server sip core pb16", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.12.1", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.4", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.4", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "kerberos", scope: "ne", trust: 0.3, vendor: "mit", version: "51.12.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip edge gateway hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.2", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "aura system manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.4", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.7.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "aura system manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.5.0.15", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.1", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.14", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.6", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "aura messaging sp4", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.3.0", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.6", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.7.2", }, { model: "big-ip edge gateway hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "6.1", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.3", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.0", }, { model: "aura application server sip core pb23", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.0", }, { model: "aura system manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.2", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2", }, { model: "meeting exchange", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.10.7", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.0.11", }, { model: "message networking", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.3", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura session manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.4", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "aura application server sip core", scope: "eq", trust: 0.3, vendor: "avaya", version: "53002.1", }, { model: "one-x client enablement services sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.5", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "vios", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.2.1.9", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.2", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.2", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.7", }, { model: "aura application server sip core pb5", scope: "eq", trust: 0.3, vendor: "avaya", version: "53003.0", }, ], sources: [ { db: "BID", id: "69160", }, { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "NVD", id: "CVE-2014-4344", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-4344", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The vendor reported this issue.", sources: [ { db: "BID", id: "69160", }, ], trust: 0.3, }, cve: "CVE-2014-4344", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 7.8, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2014-4344", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-4344", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201408-252", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "NVD", id: "CVE-2014-4344", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation. MIT Kerberos 5 is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause a program to crash, resulting in denial-of-service conditions. \nVersions prior to Kerberos 5 1.12.2 are vulnerable. \n\nCVE-2014-4343\n\n An unauthenticated remote attacker with the ability to spoof packets\n appearing to be from a GSSAPI acceptor can cause a double-free\n condition in GSSAPI initiators (clients) which are using the SPNEGO\n mechanism, by returning a different underlying mechanism than was\n proposed by the initiator. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.10.1+dfsg-5+deb7u2. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+dfsg-7. ==========================================================================\nUbuntu Security Notice USN-2310-1\nAugust 11, 2014\n\nkrb5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Kerberos. This issue only affected Ubuntu\n12.04 LTS. This\nissue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected\nUbuntu 10.04 LTS and Ubuntu 12.04 LTS. \nThis issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. \n(CVE-2014-4344)\n\nTomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon\nincorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n krb5-admin-server 1.12+dfsg-2ubuntu4.2\n krb5-kdc 1.12+dfsg-2ubuntu4.2\n krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2\n krb5-otp 1.12+dfsg-2ubuntu4.2\n krb5-pkinit 1.12+dfsg-2ubuntu4.2\n krb5-user 1.12+dfsg-2ubuntu4.2\n libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2\n libgssrpc4 1.12+dfsg-2ubuntu4.2\n libk5crypto3 1.12+dfsg-2ubuntu4.2\n libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2\n libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2\n libkdb5-7 1.12+dfsg-2ubuntu4.2\n libkrad0 1.12+dfsg-2ubuntu4.2\n libkrb5-3 1.12+dfsg-2ubuntu4.2\n libkrb5support0 1.12+dfsg-2ubuntu4.2\n\nUbuntu 12.04 LTS:\n krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5\n krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5\n krb5-user 1.10+dfsg~beta1-2ubuntu0.5\n libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5\n libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5\n libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5\n\nUbuntu 10.04 LTS:\n krb5-admin-server 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13\n krb5-pkinit 1.8.1+dfsg-2ubuntu0.13\n krb5-user 1.8.1+dfsg-2ubuntu0.13\n libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13\n libgssrpc4 1.8.1+dfsg-2ubuntu0.13\n libk5crypto3 1.8.1+dfsg-2ubuntu0.13\n libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13\n libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13\n libkdb5-4 1.8.1+dfsg-2ubuntu0.13\n libkrb5-3 1.8.1+dfsg-2ubuntu0.13\n libkrb5support0 1.8.1+dfsg-2ubuntu0.13\n\nIn general, a standard system update will make all the necessary changes. The verification\n of md5 checksums and GPG signatures is performed automatically for you. (CVE-2014-4341)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the libkrb5 library occasionally attempted to free\nalready freed memory when encrypting credentials. As a consequence, the\ncalling process terminated unexpectedly with a segmentation fault. \nWith this update, libkrb5 frees memory correctly, which allows the\ncredentials to be encrypted appropriately and thus prevents the mentioned\ncrash. (BZ#1004632)\n\n* Previously, when the krb5 client library was waiting for a response from\na server, the timeout variable in certain cases became a negative number. \nConsequently, the client could enter a loop while checking for responses. \nWith this update, the client logic has been modified and the described\nerror no longer occurs. After installing the\nupdated packages, the krb5kdc daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: krb5 security, bug fix and enhancement update\nAdvisory ID: RHSA-2015:0439-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html\nIssue date: 2015-03-05\nCVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 \n CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 \n CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 \n CVE-2014-9423 \n=====================================================================\n\n1. Summary:\n\nUpdated krb5 packages that fix multiple security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\nKerberos is a networked authentication system which allows clients and\nservers to authenticate to each other with the help of a trusted third\nparty, the Kerberos KDC. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. A remote, unauthenticated attacker could\nuse this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)\n\nA buffer overflow was found in the KADM5 administration server (kadmind)\nwhen it was used with an LDAP back end for the KDC database. A remote,\nauthenticated attacker could potentially use this flaw to execute arbitrary\ncode on the system running kadmind. (CVE-2014-4345)\n\nA use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5\nlibrary processed valid context deletion tokens. An attacker able to make\nan application using the GSS-API library (libgssapi) call the\ngss_process_context_token() function could use this flaw to crash that\napplication. (CVE-2014-5352)\n\nIf kadmind were used with an LDAP back end for the KDC database, a remote,\nauthenticated attacker with the permissions to set the password policy\ncould crash kadmind by attempting to use a named ticket policy object as a\npassword policy for a principal. (CVE-2014-5353)\n\nA double-free flaw was found in the way MIT Kerberos handled invalid\nExternal Data Representation (XDR) data. An authenticated user could use\nthis flaw to crash the MIT Kerberos administration server (kadmind), or\nother applications using Kerberos libraries, using specially crafted XDR\npackets. (CVE-2014-9421)\n\nIt was found that the MIT Kerberos administration server (kadmind)\nincorrectly accepted certain authentication requests for two-component\nserver principal names. A remote attacker able to acquire a key with a\nparticularly named principal (such as \"kad/x\") could use this flaw to\nimpersonate any user to kadmind, and perform administrative actions as that\nuser. (CVE-2014-9422)\n\nAn information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS\nimplementation (libgssrpc) handled certain requests. An attacker could send\na specially crafted request to an application using libgssrpc to disclose a\nlimited portion of uninitialized memory used by that application. \n(CVE-2014-9423)\n\nTwo buffer over-read flaws were found in the way MIT Kerberos handled\ncertain requests. A remote, unauthenticated attacker able to inject packets\ninto a client or server application's GSSAPI session could use either of\nthese flaws to crash the application. An\nattacker able to spoof packets to appear as though they are from an GSSAPI\nacceptor could use this flaw to crash a client application that uses MIT\nKerberos. (CVE-2014-4343)\n\nRed Hat would like to thank the MIT Kerberos project for reporting the\nCVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT\nKerberos project acknowledges Nico Williams for helping with the analysis\nof CVE-2014-5352. \n\nThe krb5 packages have been upgraded to upstream version 1.12, which\nprovides a number of bug fixes and enhancements, including:\n\n* Added plug-in interfaces for principal-to-username mapping and verifying\nauthorization to user accounts. \n\n* When communicating with a KDC over a connected TCP or HTTPS socket, the\nclient gives the KDC more time to reply before it transmits the request to\nanother server. (BZ#1049709, BZ#1127995)\n\nThis update also fixes multiple bugs, for example:\n\n* The Kerberos client library did not recognize certain exit statuses that\nthe resolver libraries could return when looking up the addresses of\nservers configured in the /etc/krb5.conf file or locating Kerberos servers\nusing DNS service location. The library could treat non-fatal return codes\nas fatal errors. Now, the library interprets the specific return codes\ncorrectly. (BZ#1084068, BZ#1109102)\n\nIn addition, this update adds various enhancements. Among others:\n\n* Added support for contacting KDCs and kpasswd servers through HTTPS\nproxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)\n\n4. Solution:\n\nAll krb5 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1084068 - ipv6 address handling in krb5.conf\n1102837 - Please backport improved GSSAPI mech configuration\n1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly\n1109919 - Backport https support into libkrb5\n1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext\n1118347 - ksu non-functional, gets invalid argument copying cred cache\n1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens\n1121789 - CVE-2014-4343: use-after-free crash in SPNEGO\n1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators\n1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens\n1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure\n1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)\n1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update\n1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name\n1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)\n1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)\n1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)\n1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)\n1184629 - kinit loops on principals on unknown error\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nppc64:\nkrb5-debuginfo-1.12.2-14.el7.ppc.rpm\nkrb5-debuginfo-1.12.2-14.el7.ppc64.rpm\nkrb5-devel-1.12.2-14.el7.ppc.rpm\nkrb5-devel-1.12.2-14.el7.ppc64.rpm\nkrb5-libs-1.12.2-14.el7.ppc.rpm\nkrb5-libs-1.12.2-14.el7.ppc64.rpm\nkrb5-pkinit-1.12.2-14.el7.ppc64.rpm\nkrb5-server-1.12.2-14.el7.ppc64.rpm\nkrb5-server-ldap-1.12.2-14.el7.ppc64.rpm\nkrb5-workstation-1.12.2-14.el7.ppc64.rpm\n\ns390x:\nkrb5-debuginfo-1.12.2-14.el7.s390.rpm\nkrb5-debuginfo-1.12.2-14.el7.s390x.rpm\nkrb5-devel-1.12.2-14.el7.s390.rpm\nkrb5-devel-1.12.2-14.el7.s390x.rpm\nkrb5-libs-1.12.2-14.el7.s390.rpm\nkrb5-libs-1.12.2-14.el7.s390x.rpm\nkrb5-pkinit-1.12.2-14.el7.s390x.rpm\nkrb5-server-1.12.2-14.el7.s390x.rpm\nkrb5-server-ldap-1.12.2-14.el7.s390x.rpm\nkrb5-workstation-1.12.2-14.el7.s390x.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-4341\nhttps://access.redhat.com/security/cve/CVE-2014-4342\nhttps://access.redhat.com/security/cve/CVE-2014-4343\nhttps://access.redhat.com/security/cve/CVE-2014-4344\nhttps://access.redhat.com/security/cve/CVE-2014-4345\nhttps://access.redhat.com/security/cve/CVE-2014-5352\nhttps://access.redhat.com/security/cve/CVE-2014-5353\nhttps://access.redhat.com/security/cve/CVE-2014-9421\nhttps://access.redhat.com/security/cve/CVE-2014-9422\nhttps://access.redhat.com/security/cve/CVE-2014-9423\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi\ngZD8EL2lSaLXnIQxca8zLTg=\n=aK0y\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. \n\nIt was found that if a KDC served multiple realms, certain requests could\ncause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)\n\nThese updated krb5 packages also include several bug fixes. Space precludes\ndocumenting all of these changes in this advisory. Users are directed to\nthe Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the\nReferences section, for information on the most significant of these\nchanges", sources: [ { db: "NVD", id: "CVE-2014-4344", }, { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "BID", id: "69160", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-4344", trust: 3.3, }, { db: "BID", id: "69160", trust: 1.9, }, { db: "OSVDB", id: "109389", trust: 1.6, }, { db: "SECUNIA", id: "59102", trust: 1.6, }, { db: "SECUNIA", id: "61051", trust: 1.6, }, { db: "SECUNIA", id: "60448", trust: 1.6, }, { db: "SECUNIA", id: "60082", trust: 1.6, }, { db: "SECTRACK", id: "1030706", trust: 1.6, }, { db: "JVNDB", id: "JVNDB-2014-003819", trust: 0.8, }, { db: "CS-HELP", id: "SB2022060309", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201408-252", trust: 0.6, }, { db: "PACKETSTORM", id: "127813", trust: 0.1, }, { db: "PACKETSTORM", id: "127825", trust: 0.1, }, { db: "PACKETSTORM", id: "128077", trust: 0.1, }, { db: "PACKETSTORM", id: "128267", trust: 0.1, }, { db: "PACKETSTORM", id: "130669", trust: 0.1, }, { db: "PACKETSTORM", id: "128660", trust: 0.1, }, ], sources: [ { db: "BID", id: "69160", }, { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4344", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], }, id: "VAR-201408-0299", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.44448256, }, last_update_date: "2023-12-18T11:43:11.335000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Fix null deref in SPNEGO acceptor [CVE-2014-4344]", trust: 0.8, url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, { title: "RHSA-2015:0439", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { title: "Ticket #7970 NULL dereference in SPNEGO acceptor for continuation tokens [CVE-2014-4344]", trust: 0.8, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7970", }, { title: "krb5-krb5-1.12.2-final", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51699", }, { title: "krb5-krb5-1.12.2-final", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51700", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1, }, { problemtype: "CWE-Other", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "NVD", id: "CVE-2014-4344", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "http://advisories.mageia.org/mgasa-2014-0345.html", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { trust: 1.6, url: "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", }, { trust: 1.6, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7970", }, { trust: 1.6, url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136360.html", }, { trust: 1.6, url: "http://secunia.com/advisories/59102", }, { trust: 1.6, url: "http://secunia.com/advisories/60082", }, { trust: 1.6, url: "http://secunia.com/advisories/60448", }, { trust: 1.6, url: "http://secunia.com/advisories/61051", }, { trust: 1.6, url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", }, { trust: 1.6, url: "http://www.debian.org/security/2014/dsa-3000", }, { trust: 1.6, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2014:165", }, { trust: 1.6, url: "http://www.osvdb.org/109389", }, { trust: 1.6, url: "http://www.securityfocus.com/bid/69160", }, { trust: 1.6, url: "http://www.securitytracker.com/id/1030706", }, { trust: 1.6, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", }, { trust: 1.6, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", }, { trust: 1.6, url: "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", }, { trust: 1.6, url: "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4344", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4344", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4341", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4344", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022060309", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4345", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4342", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4343", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/www/", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1418", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2013-6800", }, { trust: 0.3, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2013-6800.html", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2013-1418.html", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/#package", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2014-4341.html", }, { trust: 0.2, url: "https://www.redhat.com/security/data/cve/cve-2014-4344.html", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.13", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu4.2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1416", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2012-1016", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1415", }, { trust: 0.1, url: "http://www.ubuntu.com/usn/usn-2310-1", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4345", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/advisories/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4341", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4342", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1245.html", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4342", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4343", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9423", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4341", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4345", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9423", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9422", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4344", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4345.html", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1389.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4343.html", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.6_technical_notes/krb5.html#rhsa-2014-1389", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4342.html", }, ], sources: [ { db: "BID", id: "69160", }, { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4344", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "BID", id: "69160", }, { db: "JVNDB", id: "JVNDB-2014-003819", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "NVD", id: "CVE-2014-4344", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-07-22T00:00:00", db: "BID", id: "69160", }, { date: "2014-08-15T00:00:00", db: "JVNDB", id: "JVNDB-2014-003819", }, { date: "2014-08-11T13:33:00", db: "PACKETSTORM", id: "127813", }, { date: "2014-08-11T18:24:00", db: "PACKETSTORM", id: "127825", }, { date: "2014-09-02T20:17:38", db: "PACKETSTORM", id: "128077", }, { date: "2014-09-16T14:08:26", db: "PACKETSTORM", id: "128267", }, { date: "2015-03-05T21:51:51", db: "PACKETSTORM", id: "130669", }, { date: "2014-10-14T23:04:48", db: "PACKETSTORM", id: "128660", }, { date: "2014-08-14T05:01:49.943000", db: "NVD", id: "CVE-2014-4344", }, { date: "2014-08-15T00:00:00", db: "CNNVD", id: "CNNVD-201408-252", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-05-07T17:10:00", db: "BID", id: "69160", }, { date: "2015-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2014-003819", }, { date: "2020-01-21T15:46:47.197000", db: "NVD", id: "CVE-2014-4344", }, { date: "2022-06-06T00:00:00", db: "CNNVD", id: "CNNVD-201408-252", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "128267", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201408-252", }, ], trust: 1.1, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 of lib/gssapi/spnego/spnego_mech.c of SPNEGO Asceptor's acc_ctx_cont Service disruption in functions (DoS) Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2014-003819", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-201408-252", }, ], trust: 0.6, }, }
var-200712-0605
Vulnerability from variot
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. This problem is probably caused by a typo in the source code.Details of this vulnerability are unknown. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针: void reply(int n, char fmt, ...) { ... (1) int length, kerror; <---- declared length without initializer if (n) sprintf(in, \"\%d\%c\", n, cont_char); else in[0] = \'\'\0\'\'; strncat(in, buf, sizeof (in) - strlen(in) - 1); #ifdef KRB5_KRB4_COMPAT if (strcmp(auth_type, \"KERBEROS_V4\") == 0) { if (clevel == PROT_P) length = krb_mk_priv((unsigned char )in, (unsigned char )out, strlen(in), schedule, &kdata.session, &ctrl_addr, &his_addr); else length = krb_mk_safe((unsigned char )in, (unsigned char )out, strlen(in), &kdata.session, &ctrl_addr, &his_addr); if (length == -1) { syslog(LOG_ERR, \"krb_mk_\%s failed for KERBEROS_V4\", clevel == PROT_P ? \"priv\" : \"safe\"); fputs(in,stdout); } } else #endif / KRB5_KRB4_COMPAT / #ifdef GSSAPI / reply (based on level) / if (strcmp(auth_type, \"GSSAPI\") == 0) { gss_buffer_desc in_buf, out_buf; OM_uint32 maj_stat, min_stat; int conf_state; in_buf.value = in; in_buf.length = strlen(in); maj_stat = gss_seal(&min_stat, gcontext, clevel == PROT_P, / private / GSS_C_QOP_DEFAULT, &in_buf, &conf_state, &out_buf); if (maj_stat != GSS_S_COMPLETE) { #if 0 / Don\'\'t setup an infinite loop / / generally need to deal / secure_gss_error(maj_stat, min_stat, (clevel==PROT_P)? \"gss_seal ENC didn\'\'t complete\": \"gss_seal MIC didn\'\'t complete\"); #endif / 0 / } else if ((clevel == PROT_P) && !conf_state) { #if 0 / Don\'\'t setup an infinite loop / secure_error(\"GSSAPI didn\'\'t encrypt message\"); #endif / 0 / } else { memcpy(out, out_buf.value, length=out_buf.length); gss_release_buffer(&min_stat, &out_buf); } } #endif / GSSAPI / / Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2008:069 http://www.mandriva.com/security/
Package : krb5 Date : March 19, 2008 Affected: 2007.1, 2008.0
Problem Description:
Multiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code (CVE-2007-5901, CVE-2007-5971).
A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets.
This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
Updated Packages:
Mandriva Linux 2007.1: 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2008.0: 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ Hsy0RD3h2ilxoUTodKz7J5k= =y37y -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1
Description
-
Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free() (CVE-2008-0062) and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply (CVE-2008-0063).
-
Jeff Altman (Secure Endpoints) discovered a buffer overflow in the RPC library server code, used in the kadmin server, caused when too many file descriptors are opened (CVE-2008-0947). These bugs can only be triggered when Kerberos 4 support is enabled.
Workaround
Kerberos 4 support can be disabled via disabling the "krb4" USE flag and recompiling the ebuild, or setting "v4_mode=none" in the [kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around the KDC related vulnerabilities.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
[ 1 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 3 ] CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 [ 4 ] CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 [ 5 ] CVE-2008-0947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
1) The problem is that KDC uses a global variable for all incoming krb4 requests, but sets the variable only for certain requests.
2) An error exists in KDC when sending responses for krb4 requests. This can be exploited to disclose potentially sensitive stack memory via a specially crafted krb4 request.
Successful exploitation of the vulnerabilities requires that krb4 support is enabled in KDC (disabled by default in newer versions).
3) Two errors exist in the Kerberos RPC library when handling open file descriptors. This can be exploited to cause a memory corruption via an overly large number of RPC connections.
Successful exploitation of the vulnerability may allow execution of arbitrary code, but requires that the operating system allows an overly large number of opened file descriptors, and that "FD_SETSIZE" is not defined in the system headers for versions prior to 1.3.
Vulnerabilities #1 and #2 are reported in Kerberos 5 versions 1.6.3 and prior. Vulnerability #3 is reported in Kerberos 5 versions 1.2.2 through 1.3, and versions 1.4 through 1.6.3.
SOLUTION: Apply vendor patches. http://web.mit.edu/kerberos/advisories/2008-001-patch.txt http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-002.txt
PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits Jeff Altman of Secure Endpoints, and Red Hat Security Response Team.
ORIGINAL ADVISORY: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-001.txt http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-002.txt
OTHER REFERENCES: US-CERT VU#895609: http://www.kb.cert.org/vuls/id/895609
US-CERT VU#374121: http://www.kb.cert.org/vuls/id/374121
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c. A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function gss_indicate_mechs(mi norStatus, mechSet) in g_initialize.c and a integer overflow vunerability(CVE-2007-5902) in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c.
Impact
Reading uninitialized variables can result in unpredictable behavior, crashes, or security holes. Dereferencing,integer overflow and double free may cause instability and potentially crash.
References
[ 1 ] CVE-2007-5894 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 [ 3 ] CVE-2007-5902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902 [ 4 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 5 ] CVE-2007-5972 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security Trusted {Solution} Provider Service
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-924-1 April 07, 2010 krb5 vulnerabilities CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972, CVE-2010-0629 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4 libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10: krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04: krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3 libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in the GSSAPI library. (Ubuntu 8.10 was not affected.) (CVE-2007-5901, CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. (Only Ubuntu 8.04 LTS was affected.) (CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0605", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: null, trust: 1.6, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "ubuntu", version: null, }, { model: "kerberos 5", scope: "lte", trust: 1, vendor: "mit", version: "1.6.3_kdc", }, { model: null, scope: null, trust: 0.8, vendor: "apple computer", version: null, }, { model: "kerberos", scope: "lte", trust: 0.8, vendor: "mit kerberos", version: "5 version 1.6.3 kdc", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.4.11", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.5.2", }, { model: "mac os x server", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.4.11", }, { model: "mac os x server", scope: "eq", trust: 0.8, vendor: "apple", version: "v10.5.2", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3 (x86)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3 (x86-64)", }, { model: "enterprise linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "5 (server)", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.8, vendor: "red hat", version: "5.0 (client)", }, { model: "rhel desktop workstation", scope: "eq", trust: 0.8, vendor: "red hat", version: "5 (client)", }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux enterprise server sp1", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86-64", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.3", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "appliance platform linux service", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "fedora", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "application server es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "CNNVD", id: "CNNVD-200712-059", }, { db: "NVD", id: "CVE-2007-5901", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.6.3_kdc", vulnerable: true, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2007-5901", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Venustech AD-LAB", sources: [ { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-059", }, ], trust: 0.7, }, cve: "CVE-2007-5901", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 6.9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2007-5901", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.4, id: "VHN-29263", impactScore: 10, integrityImpact: "COMPLETE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2007-5901", trust: 1.8, value: "MEDIUM", }, { author: "CARNEGIE MELLON", id: "VU#895609", trust: 0.8, value: "10.10", }, { author: "CARNEGIE MELLON", id: "VU#374121", trust: 0.8, value: "2.87", }, { author: "CNNVD", id: "CNNVD-200712-059", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-29263", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2007-5901", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29263", }, { db: "VULMON", id: "CVE-2007-5901", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "CNNVD", id: "CNNVD-200712-059", }, { db: "NVD", id: "CVE-2007-5901", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. This problem is probably caused by a typo in the source code.Details of this vulnerability are unknown. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. \nKerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. \ngssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:\nvoid reply(int n, char *fmt, ...)\n{\n... \n(1) int length, kerror; <---- declared length without initializer\nif (n) sprintf(in, \\\"\\\\%d\\\\%c\\\", n, cont_char);\nelse in[0] = \\'\\'\0\\'\\';\nstrncat(in, buf, sizeof (in) - strlen(in) - 1);\n#ifdef KRB5_KRB4_COMPAT\nif (strcmp(auth_type, \\\"KERBEROS_V4\\\") == 0) {\nif (clevel == PROT_P)\nlength = krb_mk_priv((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\nschedule,\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nelse\nlength = krb_mk_safe((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nif (length == -1) {\nsyslog(LOG_ERR,\n\\\"krb_mk_\\\\%s failed for\nKERBEROS_V4\\\",\nclevel == PROT_P ? \\\"priv\\\" :\n\\\"safe\\\");\nfputs(in,stdout);\n}\n} else\n#endif /* KRB5_KRB4_COMPAT */\n#ifdef GSSAPI\n/* reply (based on level) */\nif (strcmp(auth_type, \\\"GSSAPI\\\") == 0) {\ngss_buffer_desc in_buf, out_buf;\nOM_uint32 maj_stat, min_stat;\nint conf_state;\nin_buf.value = in;\nin_buf.length = strlen(in);\nmaj_stat = gss_seal(&min_stat, gcontext,\nclevel == PROT_P, /*\nprivate */\nGSS_C_QOP_DEFAULT,\n&in_buf, &conf_state,\n&out_buf);\nif (maj_stat != GSS_S_COMPLETE) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\n/* generally need to deal */\nsecure_gss_error(maj_stat, min_stat,\n(clevel==PROT_P)?\n\\\"gss_seal ENC didn\\'\\'t\ncomplete\\\":\n\\\"gss_seal MIC didn\\'\\'t\ncomplete\\\");\n#endif /* 0 */\n} else if ((clevel == PROT_P) && !conf_state) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\nsecure_error(\\\"GSSAPI didn\\'\\'t encrypt\nmessage\\\");\n#endif /* 0 */\n} else {\nmemcpy(out, out_buf.value,\nlength=out_buf.length);\ngss_release_buffer(&min_stat,\n&out_buf);\n}\n}\n#endif /* GSSAPI */\n/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDVSA-2008:069\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : krb5\n Date : March 19, 2008\n Affected: 2007.1, 2008.0\n _______________________________________________________________________\n \n Problem Description:\n \n Multiple memory management flaws were found in the GSSAPI library\n used by Kerberos that could result in the use of already freed memory\n or an attempt to free already freed memory, possibly leading to a\n crash or allowing the execution of arbitrary code (CVE-2007-5901,\n CVE-2007-5971). \n \n A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4\n protocol packets. \n \n This issue only affects krb5kdc when it has Kerberos v4 protocol\n compatibility enabled, which is a compiled-in default in all\n Kerberos versions that Mandriva Linux ships prior to Mandriva\n Linux 2008.0. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm\n 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm\n 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm\n fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm\n ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm\n 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm\n b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm\n 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm\n 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm\n 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm\n cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm\n d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm\n dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm\n 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm\n 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm\n 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n <security*mandriva.com>\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFH4WG/mqjQ0CJFipgRAom/AKDt3NL//QdT6Aw4zm4Ok/TlQjpNLQCeJ2qJ\nHsy0RD3h2ilxoUTodKz7J5k=\n=y37y\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\nBackground\n==========\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. kadmind is the MIT Kerberos 5 administration daemon,\nKDC is the Key Distribution Center. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1\n\nDescription\n===========\n\n* Two vulnerabilities were found in the Kerberos 4 support in KDC: A\n global variable is not set for some incoming message types, leading\n to a NULL pointer dereference or a double free() (CVE-2008-0062) and\n unused portions of a buffer are not properly cleared when generating\n an error message, which results in stack content being contained in a\n reply (CVE-2008-0063). \n\n* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the\n RPC library server code, used in the kadmin server, caused when too\n many file descriptors are opened (CVE-2008-0947). These bugs can only be triggered when Kerberos 4 support is\nenabled. \n\nWorkaround\n==========\n\nKerberos 4 support can be disabled via disabling the \"krb4\" USE flag\nand recompiling the ebuild, or setting \"v4_mode=none\" in the\n[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around\nthe KDC related vulnerabilities. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.6.3-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 3 ] CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n [ 4 ] CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n [ 5 ] CVE-2008-0947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200803-31.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\n1) The problem is that KDC uses a global variable for all incoming\nkrb4 requests, but sets the variable only for certain requests. \n\n2) An error exists in KDC when sending responses for krb4 requests. \nThis can be exploited to disclose potentially sensitive stack memory\nvia a specially crafted krb4 request. \n\nSuccessful exploitation of the vulnerabilities requires that krb4\nsupport is enabled in KDC (disabled by default in newer versions). \n\n3) Two errors exist in the Kerberos RPC library when handling open\nfile descriptors. This can be exploited to cause a memory corruption\nvia an overly large number of RPC connections. \n\nSuccessful exploitation of the vulnerability may allow execution of\narbitrary code, but requires that the operating system allows an\noverly large number of opened file descriptors, and that \"FD_SETSIZE\"\nis not defined in the system headers for versions prior to 1.3. \n\nVulnerabilities #1 and #2 are reported in Kerberos 5 versions 1.6.3\nand prior. Vulnerability #3 is reported in Kerberos 5 versions 1.2.2\nthrough 1.3, and versions 1.4 through 1.6.3. \n\nSOLUTION:\nApply vendor patches. \nhttp://web.mit.edu/kerberos/advisories/2008-001-patch.txt\nhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-002.txt\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor. \n2) The vendor credits Jeff Altman of Secure Endpoints, and Red Hat\nSecurity Response Team. \n\nORIGINAL ADVISORY:\nhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-001.txt\nhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2008-002.txt\n\nOTHER REFERENCES:\nUS-CERT VU#895609:\nhttp://www.kb.cert.org/vuls/id/895609\n\nUS-CERT VU#374121:\nhttp://www.kb.cert.org/vuls/id/374121\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nDescription\n\n\tA uninitialized vulnerability (CVE-2007-5894)in function reply() in\nftpd.c. \n A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function\ngss_indicate_mechs(mi\nnorStatus, mechSet) in g_initialize.c and a integer overflow\nvunerability(CVE-2007-5902)\nin rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. \n\nImpact\n\nReading uninitialized variables can result in unpredictable behavior,\ncrashes, or security holes. \nDereferencing,integer overflow and double free may cause instability and\npotentially crash. \n\nReferences\n==========\n\n [ 1 ] CVE-2007-5894\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n [ 3 ] CVE-2007-5902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902\n [ 4 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 5 ] CVE-2007-5972\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972\n\n\nIII.CREDIT:\n----------\n Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab\nguys. \n\nV.DISCLAIMS:\n-----------\n\nThe information in this bulletin is provided \"AS IS\" without warranty of\nany\nkind. In no event shall we be liable for any damages whatsoever\nincluding direct,\nindirect, incidental, consequential, loss of business profits or special\ndamages. \n\nCopyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use. \n\nVENUSTECH Security Lab\nVENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)\n\nSecurity\nTrusted {Solution} Provider\nService\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-924-1 April 07, 2010\nkrb5 vulnerabilities\nCVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,\nCVE-2010-0629\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4\n libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4\n\nUbuntu 8.10:\n krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4\n\nUbuntu 9.04:\n krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3\n libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nSol Jerome discovered that the Kerberos kadmind service did not correctly\nfree memory. (CVE-2010-0629)\n\nIt was discovered that Kerberos did not correctly free memory in\nthe GSSAPI library. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,\nCVE-2007-5971)\n\nIt was discovered that Kerberos did not correctly free memory in the\nGSSAPI and kdb libraries. (Only Ubuntu 8.04 LTS was affected.)\n(CVE-2007-5902, CVE-2007-5972)\n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz\n Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc\n Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz\n Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb\n Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 497374 89e647e9beec851c340774d758f6d68c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 64960 abc799e9e887480fc993bdba504af466\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 91866 cfb606d8378283313f5009faa2dec564\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 173246 532692f310673efbd4329d0661811370\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 89348 f12babd06a10b951388d6618288b081d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 60786 d11c67185932d0b746584e0406294a3e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 172640 2de487fc075709f917b2396a053d8bde\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 199412 9063aec6b15eab435032ac249f516a44\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 89356 8e603c181d789500185720f8e35da971\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 211652 121558486b173d309bccbe304b8ec550\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz\n Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc\n Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb\n Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 1474040 289fcb9189903998fe6adb217d111257\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92554 db275139f0715242c7f339b0005f7f65\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 107696 5be51db685dc9d9536765a0771e52223\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 94504 4bbe57034a98573f623870361380055d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 136816 71232407545e52025735e7e630496f84\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 472690 7cf30b9521b99808b48879295b579d07\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 183124 34b361091e4883adf77658c04f431edb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 136772 173deb07bb07502e6d16adc880d27209\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 92538 c696e177873d8255183b7cc50576eb48\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 96700 4980c34839066b9866eacb06fb385d23\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 70360 4904070348252bd4bdd692d85af4249a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 66680 36a33a9765740aa2eab16419017562b0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz\n Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc\n Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb\n Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 108010 397c0979124621bde63b49d55df1951b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 198894 971764b78a61757018f675faaf8d13c2\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 76946 85b0519be431be8228d1b8930ca82032\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 137258 6722093f41aea33c126c60594e91aa89\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 1417102 87153ec02650a379e068d91412027243\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 464142 11481d506c939a4595c5d235768692e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 184990 325f5322d631683068bc6ddc6af35940\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 111146 d4464357b86e371914cc23251c2c1780\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 204756 dd5364842f6604199e2d7698334771ff\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 77438 a18355513e1155b4dc997881878ce816\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 93054 29490c704727e89faf1079f1b517606e\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 61274 1b5b021b7e019641010877555e99058d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 73024 607a1edca12d6130393158fc82b86b28\n\n", sources: [ { db: "NVD", id: "CVE-2007-5901", }, { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "CNNVD", id: "CNNVD-200712-059", }, { db: "BID", id: "26750", }, { db: "VULHUB", id: "VHN-29263", }, { db: "VULMON", id: "CVE-2007-5901", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64746", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, ], trust: 4.5, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-29263", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-29263", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2007-5901", trust: 3.3, }, { db: "BID", id: "26750", trust: 2.9, }, { db: "SECUNIA", id: "29451", trust: 1.8, }, { db: "SECUNIA", id: "29516", trust: 1.8, }, { db: "SECUNIA", id: "29464", trust: 1.8, }, { db: "OSVDB", id: "43346", trust: 1.8, }, { db: "VUPEN", id: "ADV-2008-0924", trust: 1.7, }, { db: "SECUNIA", id: "39290", trust: 1.2, }, { db: "CERT/CC", id: "VU#895609", trust: 0.9, }, { db: "CERT/CC", id: "VU#374121", trust: 0.9, }, { db: "USCERT", id: "TA08-079A", trust: 0.8, }, { db: "USCERT", id: "SA08-079A", trust: 0.8, }, { db: "USCERT", id: "TA08-079B", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2007-001143", trust: 0.8, }, { db: "APPLE", id: "APPLE-SA-2008-03-18", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2637", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2647", trust: 0.6, }, { db: "NSFOCUS", id: "11249", trust: 0.6, }, { db: "FULLDISC", id: "20071208 MIT KERBEROS 5: MULTIPLE VULNERABILITIES", trust: 0.6, }, { db: "FULLDISC", id: "20071208 VENUSTECH REPORTS OF MIT KRB5 VULNS [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0164", trust: 0.6, }, { db: "GENTOO", id: "GLSA-200803-31", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:069", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200712-059", trust: 0.6, }, { db: "PACKETSTORM", id: "64848", trust: 0.2, }, { db: "PACKETSTORM", id: "64729", trust: 0.2, }, { db: "PACKETSTORM", id: "88174", trust: 0.2, }, { db: "SECUNIA", id: "29428", trust: 0.2, }, { db: "VULHUB", id: "VHN-29263", trust: 0.1, }, { db: "VUPEN", id: "2008/0924", trust: 0.1, }, { db: "VULMON", id: "CVE-2007-5901", trust: 0.1, }, { db: "PACKETSTORM", id: "64746", trust: 0.1, }, { db: "PACKETSTORM", id: "61598", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29263", }, { db: "VULMON", id: "CVE-2007-5901", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64746", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-059", }, { db: "NVD", id: "CVE-2007-5901", }, ], }, id: "VAR-200712-0605", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-29263", }, ], trust: 0.01, }, last_update_date: "2024-07-23T20:30:10.502000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Update 2008-002", trust: 0.8, url: "http://support.apple.com/kb/ht1249", }, { title: "Security Update 2008-002", trust: 0.8, url: "http://docs.info.apple.com/article.html?artnum=307562-ja", }, { title: "krb5-1.6.1-17AXS3.1", trust: 0.8, url: "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=218", }, { title: "krb5-1.5-29.1AX", trust: 0.8, url: "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=121", }, { title: "Top Page", trust: 0.8, url: "http://web.mit.edu/kerberos/", }, { title: "RHSA-2008:0164", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { title: "RHSA-2008:0164", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0164j.html", }, { title: "Ubuntu Security Notice: krb5 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-924-1", }, { title: "Debian CVElist Bug Report Logs: krb5: Venustech AD-LAB CVEs (not serious)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=254938ac7fccafd1a3da98bebb95dabd", }, ], sources: [ { db: "VULMON", id: "CVE-2007-5901", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-399", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-29263", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "NVD", id: "CVE-2007-5901", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.7, url: "http://www.securityfocus.com/bid/26750", }, { trust: 2.1, url: "http://seclists.org/fulldisclosure/2007/dec/0321.html", }, { trust: 2.1, url: "http://bugs.gentoo.org/show_bug.cgi?id=199214", }, { trust: 1.9, url: "http://security.gentoo.org/glsa/glsa-200803-31.xml", }, { trust: 1.8, url: "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html", }, { trust: 1.8, url: "http://docs.info.apple.com/article.html?artnum=307562", }, { trust: 1.8, url: "https://issues.rpath.com/browse/rpl-2012", }, { trust: 1.8, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00537.html", }, { trust: 1.8, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00544.html", }, { trust: 1.8, url: "http://seclists.org/fulldisclosure/2007/dec/0176.html", }, { trust: 1.8, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:069", }, { trust: 1.8, url: "http://osvdb.org/43346", }, { trust: 1.8, url: "http://www.redhat.com/support/errata/rhsa-2008-0164.html", }, { trust: 1.8, url: "http://secunia.com/advisories/29451", }, { trust: 1.8, url: "http://secunia.com/advisories/29464", }, { trust: 1.8, url: "http://secunia.com/advisories/29516", }, { trust: 1.6, url: "about vulnerability notes", }, { trust: 1.6, url: "contact us about this vulnerability", }, { trust: 1.6, url: "provide a vendor statement", }, { trust: 1.2, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11451", }, { trust: 1.2, url: "http://secunia.com/advisories/39290", }, { trust: 1.2, url: "http://ubuntu.com/usn/usn-924-1", }, { trust: 1.2, url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { trust: 1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079b/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079b/index.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5901", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079a.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/alerts/sa08-079a.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079b.html", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/0924/references", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/11249", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199205", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199211", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199212", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0180.html", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0947", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0062", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0947", }, { trust: 0.2, url: "http://secunia.com/", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0062", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0063", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0063", }, { trust: 0.2, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5972", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5902", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/399.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://usn.ubuntu.com/924-1/", }, { trust: 0.1, url: "http://www.mandriva.com/security/", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-002.txt", }, { trust: 0.1, url: "http://www.mandriva.com/security/advisories", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-001.txt", }, { trust: 0.1, url: "http://bugs.gentoo.org.", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/895609", }, { trust: 0.1, url: "http://secunia.com/product/556/", }, { trust: 0.1, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.1, url: "http://secunia.com/advisories/29428/", }, { trust: 0.1, url: "https://psi.secunia.com/?page=changelog", }, { trust: 0.1, url: "https://psi.secunia.com/", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2008-001.txt", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/2008-001-patch.txt", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2008-002.txt", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/374121", }, { trust: 0.1, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5972", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5894", }, { trust: 0.1, url: "http://www.venustech.com.cn)", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5902", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-0629", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29263", }, { db: "VULMON", id: "CVE-2007-5901", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64746", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-059", }, { db: "NVD", id: "CVE-2007-5901", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-29263", }, { db: "VULMON", id: "CVE-2007-5901", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-001143", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64746", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-059", }, { db: "NVD", id: "CVE-2007-5901", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2008-03-19T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2008-03-18T00:00:00", db: "CERT/CC", id: "VU#374121", }, { date: "2007-12-06T00:00:00", db: "VULHUB", id: "VHN-29263", }, { date: "2007-12-06T00:00:00", db: "VULMON", id: "CVE-2007-5901", }, { date: "2007-12-06T00:00:00", db: "BID", id: "26750", }, { date: "2008-04-03T00:00:00", db: "JVNDB", id: "JVNDB-2007-001143", }, { date: "2008-03-19T23:35:04", db: "PACKETSTORM", id: "64729", }, { date: "2008-03-24T22:48:28", db: "PACKETSTORM", id: "64848", }, { date: "2008-03-20T20:39:31", db: "PACKETSTORM", id: "64746", }, { date: "2007-12-08T01:06:55", db: "PACKETSTORM", id: "61598", }, { date: "2010-04-07T22:25:37", db: "PACKETSTORM", id: "88174", }, { date: "2007-12-05T00:00:00", db: "CNNVD", id: "CNNVD-200712-059", }, { date: "2007-12-06T02:46:00", db: "NVD", id: "CVE-2007-5901", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#374121", }, { date: "2017-09-29T00:00:00", db: "VULHUB", id: "VHN-29263", }, { date: "2017-09-29T00:00:00", db: "VULMON", id: "CVE-2007-5901", }, { date: "2015-04-13T21:56:00", db: "BID", id: "26750", }, { date: "2008-10-29T00:00:00", db: "JVNDB", id: "JVNDB-2007-001143", }, { date: "2007-12-06T00:00:00", db: "CNNVD", id: "CNNVD-200712-059", }, { date: "2017-09-29T01:29:43.957000", db: "NVD", id: "CVE-2007-5901", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-200712-059", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos Multiple Memory Corruption Vulnerabilities", sources: [ { db: "BID", id: "26750", }, { db: "CNNVD", id: "CNNVD-200712-059", }, ], trust: 0.9, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-200712-059", }, ], trust: 0.6, }, }
var-200803-0028
Vulnerability from variot
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values.". Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. ), which can prevent eavesdropping, prevent replay attacks, etc. If a Kerberos 4 message is truncated, the missing part of the message is replaced with what was previously on the stack, and some parts of the principal name are read from the string in the message. These strings are limited to 40 bytes or the next ASCII NUL found in the buffer. If the KDC returns an error message indicating that the master name was not found in the database, it will include the master name in the error message, which may contain previous stack contents. =========================================================== Ubuntu Security Notice USN-587-1 March 19, 2008 krb5 vulnerabilities CVE-2008-0062, CVE-2008-0063, CVE-2008-0947 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libkadm55 1.4.3-5ubuntu0.7 libkrb53 1.4.3-5ubuntu0.7
Ubuntu 6.10: libkadm55 1.4.3-9ubuntu1.6 libkrb53 1.4.3-9ubuntu1.6
Ubuntu 7.04: libkadm55 1.4.4-5ubuntu3.4 libkrb53 1.4.4-5ubuntu3.4
Ubuntu 7.10: libkadm55 1.6.dfsg.1-7ubuntu0.1 libkrb53 1.6.dfsg.1-7ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that krb5 did not correctly handle certain krb4 requests. (CVE-2008-0947)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.diff.gz
Size/MD5: 1460317 0090e30287f3448ed9babac78c39d5ca
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.dsc
Size/MD5: 848 237125b6b35a1a059e5573d10fd7c18e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz
Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.7_all.deb
Size/MD5: 853222 dfd657a08b13ce0f3916e49ab8e3ce28
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 190904 e9e05267f551177f3c7cae46fdda9565
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 768706 79270ab27ac164fc4c76822e1dc0be2c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 425714 d8467d288bf46cdfa35ba74e6aa0ff02
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 80378 b2d795bc82f8f962ceff0afdd11060da
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 223230 73161771034af58dc6d0cd0c4be72fa8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 60376 f0712ab86caf1d9d9e52ff3750afeddd
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 135158 34b51b738a69c2aeb9df20e0af93e9bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 85274 265b8ad9968001e5c984743650d635ac
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 67600 bd5c7020310f1bd70f8dc98864c2961c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_amd64.deb
Size/MD5: 129906 0f0383de4d51d8581a260021c3332f72
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 165730 8128a78d17cd98c4ccfa086b390af167
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 647222 96672590753337d39b1aadc24dac0531
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 381120 af9c45400c55b68778f3b769c238548d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 72298 754b91046e7e47bb0f2aa58cd2ca3797
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 187240 d7e5a8b1a077776309282bc328aab885
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 54326 1137dd0e4209cf7edb38ff327feb342d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 121564 9e36fe3a9567176b2e224a45e55017a0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 75920 cd8854a9ae911eaa1c82eaa945b3d175
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 58720 eaf05e05f40183c066e294bec431bc61
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_i386.deb
Size/MD5: 119078 67a73b248bf33afee23ffb885f5d2e18
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 177716 b834ad9d37a2e3dfa44d086c6dcbfbc9
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 752002 22dd063609b942c4996c56a3f74b266c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 395914 b4fde9f81a08aa112f48b38f1d7faf9c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 80530 7e55073ee6b67ba12f0ed48d0137e73c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 220582 482d21e5007a1876bf6af64e434b4942
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 59574 4f47514f7992a292c162f40f8a174ee6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 135962 0e23ea255a84c3a580e0d7e6b0da9546
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 85120 e07cf29268ba053833122cca9ed79d8d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 65990 3c4f25017e0760f4dd10404e604087a8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_powerpc.deb
Size/MD5: 134952 7096226ce8ce15dd20c6ed933888d56e
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 165278 5c8580725c8a200f24173d38dfce388e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 678538 4002d8655a43f5784d5e9c95bc5b4f76
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 368726 5ee45e24f0ac54d79a55c20674b2887f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 73042 672530bb7218c04a67e23d1053757050
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 197404 ea257178102f6b7732ef12538ead3e24
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 56304 855c59021874c714bd4e2605de10d5a6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 124374 7d8f7f84b2c1648b63129ba342389d75
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 76922 142ed0e2c119d596c5437ac8f9042064
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 62350 db681a03624a21a34425fea9f6fa9ade
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_sparc.deb
Size/MD5: 120620 ebe2ddf8dc131cf6e3322e1cb125f2f3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.diff.gz
Size/MD5: 1481707 dc6dd5cd6d4a125e2fa70b9ebc3f8b12
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.dsc
Size/MD5: 883 8fdcf0af1cc631c882a44ae0214e0b6f
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz
Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.6_all.deb
Size/MD5: 853934 f3a7a044bedb974b32a46708774ec894
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 190826 7772b734a889ea97cf052de39072cead
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 1073390 bedf0987fe159bc38c30663ad966d0ac
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 772708 5cc8e489a0f6fcca17c3e0d8b9588879
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 428050 11b4c2211b18453bd2a662a297569f49
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 81790 06f349106755cc19cfb3f29fcc7228f8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 224408 59491e595a544a84463a6deec8305f66
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 61620 f58dcb4c09e4c96f3db5bfc8172fdffa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 139116 31943a9766f657fd47ac1aded48d49d6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 87426 1033408d2692b38926947f8ae85e1515
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 68116 291db335b868748c933a7c67e6add6a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_amd64.deb
Size/MD5: 130628 a2cb3cd3ee9ede8c3c10e695fd8148af
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 173062 e15aa9368fc4e4ef4562a23cc1780484
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 1024998 798f81a00c59842cbc2c8ea8cd4b9a5e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 673152 671e72c1eb7645dfda924c77949610dd
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 404172 445f952e23f810f6de10773a01fd68ae
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 75380 0b3cd4b087f56ebdd527d61194cf7fc0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 196506 bff3435e0da9aecff7a26d73e712937f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 57136 3fafa3cd2cd2792e740c4d6976a881de
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 129352 7e190df154981717bf711697c5042cd4
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 80102 94a76cc7807e9d6598b4a452a7fbb738
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 61928 b7fdd344e683ce45be88f8fa43290175
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_i386.deb
Size/MD5: 122208 eb1ec6653d6d790e23dbcc14cd98f5f7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 180126 f8e5d077ee06234bbb9881beb9d49f36
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 1076974 4752e5e87fdcd67fcb0f1ee2c35ddf80
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 758400 73ed6c35fbdcf1866a65a6198df8ca82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 399112 1fdd3a0a2a45bd410a1f4e72713a0e1e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 82420 446cda40d1590c088e2fc83118a58e13
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 223182 8e6f5f3062fe3cfb113db73bc8a1a89e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 61826 b4ad931a1a1d48b668a972893502cd67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 141210 8892626a667e0010a0cba8fe19df958f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 87318 c7306114bbb195c221962abc469a1d42
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 67222 b99ea3def960bdc849376c508e263f0d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_powerpc.deb
Size/MD5: 136888 1c651e27011fa9c25ea87960b40ffe1b
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 167176 0f2f57754f3e012257a6fef890a23767
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 957816 2ef6010c70801e7b0dd5e633a08e3fac
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 685238 a68016ffc9abcd0eab3f7f1ae323e83e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 374074 d5ff62adb392f5be8b29c2e1056f6f92
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 75210 9611a07b489b518605a9550b27b3dd7c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 203684 89d989c5db437eba6e9e56fc9bf7dc93
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 58980 b9d7f11d5c491595c90006ae7c039935
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 129664 acf15ad70331066092154952cbd7754a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 80428 8409c34ee32612d48e8936618118bab7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 63612 64b2987c2aee57159bc092c5fe37a25b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_sparc.deb
Size/MD5: 122730 95db549e03f3bc30995d566f8ea7edac
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.diff.gz
Size/MD5: 1589880 e20eef948656a29a255b557af6e7817b
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.dsc
Size/MD5: 968 971223b33ae8631f013c20a3c8867805
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4.orig.tar.gz
Size/MD5: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.4-5ubuntu3.4_all.deb
Size/MD5: 1806176 c34d13b6877a21c426a85719a6ecf6a0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 194368 2b6345b614c38e353a3ec4abd2957e6d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 1076886 d4e2d9d77afd78df99d96a6541730527
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 772608 c3f93d5b94e84df6faac86b701f9836c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 436580 f7e6430bf6f628592596b44e7341af30
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 83772 ad232225b5bbc88f1e0f5bd55916de24
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 226770 34e47342c392be9006254e15fc0258e3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 62258 c71fecc4d7bd6e3191c08a19cbf07aa5
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 141840 33ec180078e9b8e1f80fca5f26c1d558
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 88380 64572d633f1a84999b2205bd6958206c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 68890 dcabc2bcaac75b7e226c9090a82207a0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_amd64.deb
Size/MD5: 132614 f129069e4dd68ccf7801c717603713ef
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 176870 9e0e200bdff3119ef8488f9a5bf62e7c
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 1031008 8a80209f195b2eb787236e0dcd8aaa23
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 672020 7b5b4e1643b5802b2bbfab006d0e6d7a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 412036 213c308bef9eaa6762ab755da6e7442a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 77328 295e5ed2c0c2366fc6b3d343607ae431
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 199040 1b0a50f1bf8e421d9838acea254c6c26
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 57780 96ae66401532d513b4333c3429f6e2eb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 131900 fc29493488e6311a94cfa5ec2c5ac7a8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 81008 0c2bd14ee6534cad097d5d80200cc94a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 62650 8d1f1316f52fe066626f0fde07f8b990
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_i386.deb
Size/MD5: 124088 de985ccf04486e2043c2324affbb18af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 194590 f63db5ccc5825220d5014b1d7eda0ebe
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 1082008 3501eca4bc0d14b39fbc662ee20ab7cb
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 757006 169816425e730c69266d39518fb718f8
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 429982 24a79674c75e6f9731d34468ad86e27c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 90254 936f19b572498c2de200fd3e323657de
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 240274 eb844e20839937a3ccad330429ba1840
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 65452 dffc482a088d83a0100e78e69f332bb8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 153794 308fc25b452cb374f7b45a472784761b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 96692 9566a692d6f8a6d47e9f60e25d13927d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 70680 4949b60728fc08134113f744738a293c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_powerpc.deb
Size/MD5: 150262 dbf317c0added0c3faae6710b8026fc8
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 170940 967a1344994914065dc904da571a2aef
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 965784 bd503df54b8c9afcb4e5a6a375ce7fa8
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 683396 939cb2731116dc8718ea4ebc996b5c7e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 380910 5b46d8169ecc2409caad5dd4feacdc2b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 79084 e3da961bcea67ff2c217008d141075cf
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 210904 688aeb4162f4dcf86768ddd299cf6625
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 60996 e20fcf5e2b4bab548fe8e0836aff86eb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 135846 55612458a19bd82331991bbb672f74e9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 84546 f1fc527ed376549516113ae94ca7d0fb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 65282 7726043628cc103faccb839be0def042
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_sparc.deb
Size/MD5: 127130 edddba0066c5bab862847c750a231a51
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.diff.gz
Size/MD5: 1674637 40fa0c4bdf307c7e5d9509be9870434e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.dsc
Size/MD5: 1044 2c6766c8721cf2e3caa259cdb5badf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1.orig.tar.gz
Size/MD5: 14474321 8f8d6a494380f01a7a0a9236162afa52
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.1-7ubuntu0.1_all.deb
Size/MD5: 2076606 1c021446b5f479717a4998df0f87f205
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 165034 78f040deebe1683f8966347e9896fce8
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 1308970 04db0004a99e7e0d01b37d922f47df1e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 88606 6509d222135bfaa05ebf79db1f63c2a7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 493016 54a329e5f8464d5f519ac225f4d5d778
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 87824 cac8d5d1297bb71c52a877cf0b85c393
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 228534 d6c15467cf49d74831ac0ea494eec6f9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 65864 563aaa90bffe6ff07ff8db56cff826f8
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 185182 e1f4910f7b6fca6655696a0bb7169d7b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 91334 c1c20f704f98f19212cfa70ac9edf193
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 72950 de7748ddb5f7cd3f0744eb77770fa3e0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_amd64.deb
Size/MD5: 137592 99c3b6d671ae7f0439f379d5b2688659
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 148364 a3e27e81c7e81f627d05c708faae402d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 1266912 2696e89ea8cf6e857e36ee740fb65ea0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 88624 9970f2076c76427dd0cbf217b6a6bba0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 462068 bd3623332d7737858d0fe5918ef8838d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 81192 d4a4e0e7358f626abc0dbb81575071f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 199624 5a24164123aaea818f2d40c41186fdf7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 61098 8cc21c42ff5dd534f7158c4c750a498e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 172178 319f2ba5ea41bb97a125049f17154ac4
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 83634 049a305ea62a45ec23b65dbcd04e85fb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 66538 a0c51897ca2c55ee7ec2447465121f5e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_i386.deb
Size/MD5: 128624 df48b843cf7ab20fc4696d36bba2fe6e
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 162676 0c11613a3d49190eb92074c27833f4c6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 1320150 c2a537a9acf0ebf7b08764506136d37e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 88634 eedc4522ba18dfed6fd2483cf8dd0379
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 482868 4d015493346726e61cd0cf9525e2b1e5
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 94492 50526cbb8952316a7b9195edcf148fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 241802 99608692096cfa0e88372013a1b41517
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 68960 fc1d60376ba03106488b098f4b5ea624
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 198522 24b5f7bb74e3d978888dd1cdd065f881
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 99412 ca441f559a1e11b55c3ef52c54ede8ca
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 74666 0657bf76d80f969330c5391d65291baa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_powerpc.deb
Size/MD5: 155750 967a3ce3bc4fe5383a2a4f6a54ac686a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 145672 b78635a0dbdb4d4d76c7e6d7ee4cb2fa
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 1200060 c280c5257a62a657ba79ac09ed62e4ff
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 88620 9b75ff80509a5b3435f7d6f30b19ac9b
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 431168 3c7606d6ced441110ab47b16de3542fc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 83030 cc47e0b9c435c5802a2352cb203c435c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 211104 bed40b53469b42c5a65a1f0640ae4d2f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 64404 13877024ad747d0ce0a696210217f170
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 172948 8fd8903c9b1caa12ebe73c7c6f86de98
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 87474 c3f94c62f987a7a6d50f9d5344e59cff
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 69196 97040973c460c004ee83b7ba19ddfc88
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_sparc.deb
Size/MD5: 131692 c12abe7485457bcd0ebe5cf3ecfcc850
. It is theoretically possible for the exposed information to include secret key data on some platforms.
For the stable distribution (etch), these problems have been fixed in version 1.4.4-7etch5.
For the old stable distribution (sarge), these problems have been fixed in version krb5 1.3.6-2sarge6.
We recommend that you upgrade your krb5 packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian 3.1 (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz Size/MD5 checksum: 6526510 7974d0fc413802712998d5fc5eec2919 http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz Size/MD5 checksum: 673705 93382126a3c73ac44ed7daa7d85f166d http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc Size/MD5 checksum: 782 0391aaf485ef1636ef18c6ba183c3fbe
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb Size/MD5 checksum: 718916 ca2fb37b53a19207f1e1f1de90c4c1f3
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 137834 d43e9d3f3ef65fe8c8cbbb7b5dcbd144 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 177730 947fb82dd795f9272935ea4cb027e543 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 124864 4f1d0aa9d18013023f4a9f2b9a10db65 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 104886 15037693de0d9dc27460d713b547872a http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 63606 c4cfe2b01bfe0b579b216210817c4fa3 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 369420 c8d1eaf98400880ff82f727fe20f90cd http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 82806 30230dfe2605b88fdeac8811d408acdb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 57048 741292984684fddae11e130dcd388161 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 652378 d8f3493f4354e0b3717ffc72d6592b88 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb Size/MD5 checksum: 216990 0df13c59411cf57b86bd94e250cf458e
arm architecture (ARM)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 115684 ef39b71c5ecf4187e24d27c1111c9a54 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 633330 08566aa29ab8d56e26070137a16731a4 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 158874 4f60129aa092ea3d750deb168299abe7 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 54134 e23173f4ad3a59af03fbab0369a714a9 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 58252 255394fcc06d13b6dabc2e87c91dac02 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 198848 aaba0529c817ff11728515f5a116f71b http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 126814 85d31333aa01c4ab1f7b14ffaaa4c08b http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 74940 706b7cbfb01d66cbdb371a9019b3f725 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 329190 a661364db9bd2d5c5340a0c6a5c939f4 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb Size/MD5 checksum: 93938 04dc96993c79d0113a0626a4439c8cbf
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 125154 afd4a9608fff5b1b3e793881bb2c9c2c http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 64286 b85cf8b5680c12c093ff34150623a3a0 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 59368 3df43bbb40e060d0522495ff3e78412d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 669644 50027bd1d314e911c4a91647989fad1e http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 104948 a013d1818ed8d6dd7d75a8ac11e795f9 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 187304 401a8e21722c104f3d3aae86cf3640e9 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 383876 d50afad26c9a0416fe47dfdf5ff649f4 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 81992 b6c84f121f66616f578b13a3f0c654ca http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 139202 4972377b638f980ad757128f14132874 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb Size/MD5 checksum: 224154 8a8436e210dd8892487ea482a1de6522
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 116324 445bced4eb764a78e51b68e4d7558363 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 574784 40fa136876b3219e55de089340c0c85e http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 52890 a6ae74be5b338ab7f215d0846353833e http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 165726 4b2485d3b8a50cd61ffcd2e0748d70fe http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 349416 2f33d4592484a2adf276fd29cfe9d728 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 127878 7232e14b8bc1d78fa4346b4ed393a3b9 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 95656 00f7666dac13adf2a7bfc81c9d801f2f http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 191526 d8613e5a3d87838ee7155f54c1c12f3d http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 57762 2baa509aad5f6b837753e5a3e65e63f1 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb Size/MD5 checksum: 75890 5e52830c36794bb8ed2cdd14611ec690
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 134332 473be671406f747295c4a94d3f2ca3c5 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 289396 c95c79f18a2a8cb78131a35073c09ebe http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 890018 a9ca82650f5f96ac66d2b4436b0d1345 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 167350 f448dced91316668c1d33d6a0776eb2c http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 240384 5dc95c9ea35a7b052041e177114c5acf http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 79982 8980a39a06eeca5ef5adb623786742a2 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 73692 039a88dc8793fa4de6e461408cde62bd http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 105008 273a9dbaf7a4882f39ebd9de527f76fb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 502382 97f1d32991c1778752bad887f4029990 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb Size/MD5 checksum: 165288 7d2e3c354cc50db22fc34a396902690f
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 71116 2f35c57d9f24856b013e27b0eef24a25 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 516020 203205bb2e6f66161c2aa98746687190 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 49768 39d4529ec4e27e2fdc75de762c5643fa http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 107660 0659ab018fbf062504348fc63ef97cc6 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 147864 b86ebef3ec1541aeabc20be31e503049 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 305872 1fc4f6385b5196c1c892731eac06f5b3 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 122106 c60b71edc9196adda91d40c4b84a908e http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 174180 6d750c072a8d641bd661ea5c688199f3 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 53478 74055ea66e27e24d79c824691da8fe0f http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb Size/MD5 checksum: 88692 074a5c747c652e7ce8d911077ca5586c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 145108 f432457761497dcfd8e1ba6fe7ac43fa http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 164386 512e3b183ffc5f121f82981f32235377 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 57750 d827cf9980ed4eba196dedf93e7d9b5d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 680860 b4718176172f14d54d2a4662ae28e534 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 128738 a9592a522e7cc0f6db4c121ac04db438 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 65060 9b5613121aff8f341cb2dc3786b28d78 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 103404 eb3ca8cddb900bd4dfdb10b67ca9622c http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 225708 d09d386a5705b48584ffd51b0127883d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 355178 359ca6a220b6a9e7af7b949e7a64fb5d http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb Size/MD5 checksum: 80956 407fec89580608afebb4ff89d95bdf72
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 146678 76f8820a81a1c068ab60348f1302d087 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 103808 db8b0c06f58646093ca80554061cc0d1 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 65266 c27b18832cafb60109ba97e529706a53 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 226540 0ddfa3be4f63eeb0066682928c193996 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 82060 2479f67cadc3533fb499507fc1977b5d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 355120 d1644230bb4cc0788a04f5f0c8eb961c http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 58164 5dcd7db602701983272b2fbb0db88864 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 130098 472042e34a7ac48352205df510767ddd http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 165632 3074194d27a16bd4e737a9462d6a217a http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb Size/MD5 checksum: 682776 b0046283d8860fc6c8fe968b335ff463
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 61758 9496fefe85772ad549b84ae523c56e77 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 217812 c5aa73b8513a3698002cc3cedfeff012 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 105320 3677c003bd4c271bbe3daef5cf8f52df http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 143838 61244dbf640bd19ee1cc738ee7b44b34 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 57018 9afa2ba534be545b9d76d1f69c8e5468 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 165746 74c29add119101782727226dc9200db0 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 634906 93dd67378ead6cb763cc304516cbf632 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 353104 c5b16a1f26d01435b2bcb540b5b97730 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 82702 f728717a6a25b233526ad69934e376f4 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb Size/MD5 checksum: 126246 da0e3adca803929ae44fad884949cbe2
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 214176 9c4b2684ce790d6544d078efde32f5d3 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 132996 1ed627f09d5b25bb3eaaaa4148207d7f http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 63428 332d6f0c94eabdca1df666a3ec0c6184 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 57214 f518a8dd4336c3916bb8c533bd8b6301 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 624898 27ed5f1406b97c3a429ed6cc41a5421a http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 99652 0e49258823390960faaf06522ab8f1cc http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 376188 ec0fdc218fbe9c53fa5aaec87667b5a7 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 82370 3a26a1e22c24add8b16498a641444a77 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 180336 34967e4eb80a75b18a23a9f3bf05bb5f http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb Size/MD5 checksum: 121318 883136f99bce1a8f9f413dc3d68f5762
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 576786 3c142ce93bd9b408ea9a6d6046e3d067 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 58950 91be8dfc1160f334f0ed514eaeddb3c4 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 53520 89ceeef920ad596b129365a1f6876818 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 73596 cca4a24557097c3be9dc611d686d0688 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 93348 0a954f5b7f637eeaea3b656699314b99 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 114068 e7a1986874465f458987516f27a705d1 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 157712 2c8a0b75fc4982ee9265d2dd8cab2cc4 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 126780 d6faa238b06d1ff65c6b20b54c7b4fac http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 194584 39322280b333988d5cce973c7c00cdad http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb Size/MD5 checksum: 330436 27d8b24e5a2bbb57d8078c7b1d391d53
Debian 4.0 (stable)
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc Size/MD5 checksum: 876 e8f30ac6b710091985a2b669632ca174 http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz Size/MD5 checksum: 1590551 c7d7bfb6aa34876ec8b5d0767ed65c2d
Architecture independent packages:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb Size/MD5 checksum: 1806352 0e3b03d93b1a62a41f9d004d3f6a69eb
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 76136 61c8f8b99cd2c5e08fe20121d5a33119 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 461032 12fe64d352941f674f01b875532ec91f http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 91648 ee8cf04beb8687f4afc0684fbed232e9 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 1087614 dc627be2679028513f541ab0db184758 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 245650 57d128cab47e74d75ad56da8b81866fe http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 154868 4cac528d66a64df26a385bb15552061c http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 136110 a0d904994baba8064c640014e238020c http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 216328 7e96a8117e5397282f9027dc99fee308 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 89690 a14489d539fc5274175e92b8c1f99cc4 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 65866 c153e17e3514e566d1b719bd4941c3f2 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb Size/MD5 checksum: 1017046 543b2403aee468ad0a1692708de9a587
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 83852 4e7e51683f130dfdbaaaa2b6bbdfd70b http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 61474 5ed45d3180ad5cda0839f53d8d9fc716 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 768634 4f227f866f481d0a11a90b1a41d14bbb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 141926 5944b339ff70c630a2d04026dc8a436c http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 68170 d5b5cc9a99c26889dcf685f88cc92a9a http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 129822 8f01b6b85827382fcb2ac54b561a1ec0 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 222262 b16ea5bddeb302c73844a465d5b27020 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 1072208 5458abcef1aa9174a703a51d9910bf42 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 190378 b663d232374d5d8ea6a1aeb6596e1e66 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 426424 39665f5600ac062e43d78823f79016a6 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb Size/MD5 checksum: 86108 786e35f5915b137445eb034ef1f53eee
arm architecture (ARM)
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb Size/MD5 checksum: 1013602 3087dae461053141fd9099ba1bf1f520 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb Size/MD5 checksum: 63418 6d76005bc5336972fff07aa9961bcbca http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb Size/MD5 checksum: 682712 20f548e7e7fe59ffc450c46c58b73fd1 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb Size/MD5 checksum: 136110 b1774fea7cea371790dc1d7b9a293395 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb Size/MD5 checksum: 173154 785af0fd07d78658edb4a4c25082ca22 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb Size/MD5 checksum: 59834 e369f2b68c8090e91191718d207da76d http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb Size/MD5 checksum: 206238 c69f58637e68a2d455750e32b5b770c0 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb Size/MD5 checksum: 390054 b972d264ad97b69120ee4e4d898f3055 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb Size/MD5 checksum: 81426 82979ab1f34edf407dc1a32f4be2a911 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb Size/MD5 checksum: 123540 f9534a82bfa054018029c9a3934fc121 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb Size/MD5 checksum: 78826 62163e751d27902012a16758fbbf67e0
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 1050680 8ea8f26032837464c794e615623ac59e http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 87564 ec92090e89dc2c03500c52cbd188e4c3 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 441724 6cc26ce6c3e4fa233222786b15bc08ac http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 64206 fa4e68946117f10d2dbbcea75fabe5d0 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 132802 23e6e453b5943c8df76fd87a18fe2182 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 85370 9011819683422a091d363e0d0064e82e http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 815220 652f24a16193c3d8bf9f128000888850 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 145028 88cb8fd42c037cca495bb200a8d5bacd http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 69692 0ce8e82456cc62420ba31f7ce0aa3a39 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 201216 b7aa6c970117a632b2e60d14829ba7b7 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb Size/MD5 checksum: 232082 7a823371e31f4b3e937a4e9d7a83d09b
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb Size/MD5 checksum: 80306 8c8461beb8bd866080134bf1a25ef557 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb Size/MD5 checksum: 62446 22a83f7567df841b9f34ffc133534a64 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb Size/MD5 checksum: 133360 5e72e490c20ac03f49b7fd6921047048 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb Size/MD5 checksum: 680166 991c24aa3b8e2d82f07e49865d70119b http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb Size/MD5 checksum: 408376 f375a2157e2b1de2eadecbb2f03c8637 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb Size/MD5 checksum: 174112 f9efe4ee2c52dba6806f548d778e0f53 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb Size/MD5 checksum: 58050 b99734e1b92043a8cc816c588b04fce5 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb Size/MD5 checksum: 196558 0b03b5d3920efa1c5efbf8cbe3901f15 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb Size/MD5 checksum: 124206 21cc6d63e1eeaeb9deb70e227d61d84b http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb Size/MD5 checksum: 1037936 a1a2470171c5403563ed285be9caaa9a http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb Size/MD5 checksum: 78598 80b9f57c39a90e17b67480271ec8cc2a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 305920 940370e13598d9c00b123f97aa3f09ad http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 164602 6dd81cf1a5487ad63e2ab3cf1ce342f1 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 112994 4ccb79847d301064e5e6496f2577b5e5 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 80324 88cc01f93ed8fe3b9c9861176050f004 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 105592 8745ddb42d7cb7afb95ef4f946a26c60 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 1088562 0d2cdc97965b7827a78bca972aed38fd http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 91338 40c9d44d05f3262c1a5d6950c4255e16 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 269600 4acf36a3831bd4d2bb0af4d9130d0f27 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 1043576 6e487c186d462bc98b8ccdfbb5891324 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 190500 4cc37a9cd6bb13da4ca73f87b60738d3 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb Size/MD5 checksum: 592208 ac3bd63fc244d99757d33c8b8fa8f745
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb Size/MD5 checksum: 71184 99f78076e71ddc74b7809de695945048 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb Size/MD5 checksum: 128534 d08156f659ccfaa953e612ab0f1be1e0 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb Size/MD5 checksum: 86416 a0ccc69288f43974099646a0b4df2702 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb Size/MD5 checksum: 807408 caa736a161edf63d4b7b0200642293cc http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb Size/MD5 checksum: 81794 820abd7cda885cfbcd651eeb819b6ea2 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb Size/MD5 checksum: 176908 eb82211002e6f5fa451b8c6fc72cd8c5 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb Size/MD5 checksum: 230468 6498dab212c73d4c618a77b105d40302 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb Size/MD5 checksum: 389766 cb2be7e8aa8890f3011c7721474048cb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb Size/MD5 checksum: 145004 1d8436cb03bf8df56127ab37a1787096 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb Size/MD5 checksum: 62920 610d234fcd0e209b0d2e6c0f3be39f6b http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb Size/MD5 checksum: 1112710 5b98f43fa267c04b32bc96927ad868a2
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 87478 dce62567d27548de56ad38615fd5a8fe http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 71596 8cfffdf23386228753133a6d675a75dc http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 131106 22011c6b9dfeaf6318baffbb40b4b005 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 63834 9a2e78369d8fa1d0d8688eb48e443518 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 810348 c36eb2099ac9fd31e57d5693ec8eb92b http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 82652 3699856d5fe3d28c74e0e66469d05859 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 1087382 a5cac22f1da48cbb4c80f7f736b70b2f http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 179494 4a1d3e8cc558c330b9f4a6bded87913b http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 145716 1f45bb37dd7e13ea4c6b21f52c43c657 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 232788 88bc4c67b09b541769a7a00abc5d2688 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb Size/MD5 checksum: 391848 05272bb8eb78e5e3fa374c9cb6597403
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 222776 d87408739c95de5b207a88550278a0d0 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 1083104 a5a89067cd381199a75e9751be977884 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 143844 488e4411a9d507c14961e8c1a867a18b http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 84364 fd1d52f855615c98fc8d207dcea36d2f http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 137308 16ac4ae9b3a4eec6e584d4b9902771ed http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 399370 2c4951062f1fa124af1a36a8b0c1e761 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 86864 33e72918f1ae2f968537d4e3328237b8 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 67384 3547b618672d7e775018128fa421551d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 753506 cdc2c41be06d280160c3f7ee8b7f3417 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 61930 dad1ac368a357004137a4beaf0a4f8ba http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb Size/MD5 checksum: 179574 499b4b287b5726f7a8afea620d5606c5
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb Size/MD5 checksum: 63392 7e446e33886543cc1432026dbde49ea8 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb Size/MD5 checksum: 87886 02735411cb4acaa71b8aa72bf7d9683d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb Size/MD5 checksum: 438990 5aacff7c6ec54f708cb98fa0718bfcc0 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb Size/MD5 checksum: 129266 31c153db1328ee93b97e64bdb01a3cc3 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb Size/MD5 checksum: 195506 d3175c75393ac80363919b170e1446e0 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb Size/MD5 checksum: 1073530 ac4c767b43f20d304e9683ebfddf3a68 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb Size/MD5 checksum: 224438 5a59744997773137c0409af842e7fdf0 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb Size/MD5 checksum: 68782 57ed0962a4cf4f2f7c7d60edf52449ed http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb Size/MD5 checksum: 140470 8fd23a0ec4c4b5c81c48d7b0228a5fa8 http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb Size/MD5 checksum: 82118 7a84a0ceeb5110380a231be90d6f36ce http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb Size/MD5 checksum: 733368 6a3ea5e404cebc11888aaad6fdc2cedd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 131724 561314d157da780fc7de7c06524e8a3c http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 77124 6de298978f0404514a0b16d863efa276 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 961534 754258b22c1eaf83c3167775c3138a58 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 372674 20c48448253a262988a3ca876cfb2931 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 123040 00e2f8c76353547804f9ff516de1f65d http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 680434 6bf7c8d82d481a8d6d9d784f5ed617ec http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 58242 f7e89e959e30e2bd36ac3ce1191a7711 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 63800 21beab0b247e7bdeea2004876f388c59 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 166710 b5127d835935bee8ce49a1154e5fa2eb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 200282 49524ee10fb4d4e7be223a1f25dffba7 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_sparc.deb Size/MD5 checksum: 78204 2462352e5493e856bd8a784ca49f95f0
These files will probably be moved into the stable distribution on its next update.
A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets.
This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
Updated Packages:
Mandriva Linux 2007.1: 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm
Mandriva Linux 2008.0: 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: krb5
Announcement ID: SUSE-SA:2008:016
Date: Wed, 19 Mar 2008 10:00:00 +0000
Affected Products: SUSE LINUX 10.1
openSUSE 10.2
openSUSE 10.3
SUSE Linux Enterprise Desktop 10 SP1
SLE SDK 10 SP1
SUSE Linux Enterprise Server 10 SP1
Vulnerability Type: remote code execution
Severity (1-10): 7
SUSE Default Package: no
Cross-References: CVE-2008-0062
CVE-2008-0063
CVE-2008-0947
CVE-2008-0948
Content of This Advisory:
1) Security Vulnerability Resolved:
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
The krb5 package is the implementation of the Kerberos protocol suite from MIT. This update fixes three vulnerabilities, two of them are only possible if krb4 support is enabled: - CVE-2008-0062: null/dangling pointer (krb4) - CVE-2008-0063: operations on uninitialized buffer content, possible information leak (krb4) - CVE-2008-0947/8: out-of-bound array access in kadmind's RPC lib
2) Solution or Work-Around
Please install the new packages.
3) Special Instructions and Notes
Please restart the kerberos services.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
x86 Platform:
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-1.6.2-22.4.i586.rpm 53f6c9b454e27c47ec4cb32679757c48 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-clients-1.6.2-22.4.i586.rpm 66ee0e785595b000842c5cd2c9162c55 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-servers-1.6.2-22.4.i586.rpm f3fba89b56860b8f46691c69bba8b3c7 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-client-1.6.2-22.4.i586.rpm 193a8298aa8bb866e19e0c48f23e523e http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-devel-1.6.2-22.4.i586.rpm a9b01b5c846e02c588664cddcae4c5c6 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-server-1.6.2-22.4.i586.rpm ff536136c01b5f900aebe6fdc1ec62e6
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-1.5.1-23.14.i586.rpm 5764e87b834c6a5b8a467fa6aa8ec40e ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-clients-1.5.1-23.14.i586.rpm 94db70009c4c6e099a9807584c701686 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-servers-1.5.1-23.14.i586.rpm 5881c8be92dc3eb215a1e837b6468922 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-client-1.5.1-23.14.i586.rpm c45980b430614c2371dd1ad4f8d21a34 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-devel-1.5.1-23.14.i586.rpm 1c6a45d60e5eabffedc2c1e3e755ac73 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-server-1.5.1-23.14.i586.rpm 03793b23aced1c01d9e2817648d7c777
SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-1.4.3-19.30.6.i586.rpm 51d1c53aaf25a36dd1e2e74662cbabd9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-clients-1.4.3-19.30.6.i586.rpm 6b4d89a932988685993dba1e87aea95f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-servers-1.4.3-19.30.6.i586.rpm c7ff44ef5a8453d5223da71d670fdea4 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-client-1.4.3-19.30.6.i586.rpm bc0456ed7708ee3ffdc2501e849e9dbe ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-devel-1.4.3-19.30.6.i586.rpm 9942cbbfd032ea80d8a20daa34ce5374 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-server-1.4.3-19.30.6.i586.rpm d4596d47caafa6ea4ee4b4f4e218f831
Power PC Platform:
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-1.6.2-22.4.ppc.rpm f0d1399edebb3e1d715d84568065130a http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-clients-1.6.2-22.4.ppc.rpm 8e444214994c1e7297b5332d96967ec0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-servers-1.6.2-22.4.ppc.rpm 2eecfe960c969bf3a3dcce2fcab010f0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-client-1.6.2-22.4.ppc.rpm 8052a7d7a942545a46fa5e962c562ab8 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-devel-1.6.2-22.4.ppc.rpm 6a118f48123ebfc23715bf797bf8b7d0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-server-1.6.2-22.4.ppc.rpm fd8f73d6d8757d9ce3dea43997b56b0c
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-1.5.1-23.14.ppc.rpm 04289bb24041d226f27eb92025b25463 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-clients-1.5.1-23.14.ppc.rpm 731ea1ef473c0d1c8990a8045a9fe587 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-servers-1.5.1-23.14.ppc.rpm f911f86a0d2e8c9da16930525bd8b163 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-client-1.5.1-23.14.ppc.rpm a4c560015bbaddcbc88603e1e194146e ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-devel-1.5.1-23.14.ppc.rpm 64d0f163ebff972f2e70c6cc4d760555 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-server-1.5.1-23.14.ppc.rpm 8b06dc5e5ac5b3fa410559017403378a
SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-1.4.3-19.30.6.ppc.rpm ae1652f3ea622c5c91b0fd1d47b066ef ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-clients-1.4.3-19.30.6.ppc.rpm a389841f387e37732c80d9d5095f9ae6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-servers-1.4.3-19.30.6.ppc.rpm cb6b4e402570e45767c5ae7a5c26e34c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-client-1.4.3-19.30.6.ppc.rpm 3a2c13bc932e84f7a451f3a2c77c99f0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-devel-1.4.3-19.30.6.ppc.rpm b34f9511e269e0dfc2896ac88cf41cce ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-server-1.4.3-19.30.6.ppc.rpm 0263cbb8f0f41e50dacfed082eca0835
x86-64 Platform:
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-1.6.2-22.4.x86_64.rpm 6df39c9ddfb04cd4889b5f4bb271213a http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-32bit-1.6.2-22.4.x86_64.rpm 77ba221640964cc90ad8e0010ad5c07e http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-clients-1.6.2-22.4.x86_64.rpm fccb50e18045baa2c78165f20eb13eec http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-servers-1.6.2-22.4.x86_64.rpm 3bfd6270a31f2a6a35728bcd274ae327 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-client-1.6.2-22.4.x86_64.rpm 53b3634e9e92255b62a932ed6d30742d http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel-1.6.2-22.4.x86_64.rpm 54071b2e12004117b0599f53c4a6027b http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel-32bit-1.6.2-22.4.x86_64.rpm 07069062d1e7b140c6774cc2aaa821d5 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-server-1.6.2-22.4.x86_64.rpm b07d395220662db193b6f54753931ccc
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-1.5.1-23.14.x86_64.rpm 3f2d8918cf5da2cab839bf2c72af1495 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-32bit-1.5.1-23.14.x86_64.rpm 4348a17ec69b6c64c69e11f74fa88a08 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-clients-1.5.1-23.14.x86_64.rpm 433ffcced3ede0163628854ae3296baf ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-servers-1.5.1-23.14.x86_64.rpm c24ab880f1314c1d25f3e9561b204c10 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-client-1.5.1-23.14.x86_64.rpm 6022c2534c50718a2a4fd18fde346daf ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-1.5.1-23.14.x86_64.rpm d82a0204e6e0f5e9d6bcd8f60aa4fbde ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-32bit-1.5.1-23.14.x86_64.rpm 17dc2896ebc7f252e39fc8e23a41abc1 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-server-1.5.1-23.14.x86_64.rpm 45596c22ec6d0c1eebf42f683e4e0cd4
SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-1.4.3-19.30.6.x86_64.rpm 684c7d1363494a7854afd3755bdb2a20 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-32bit-1.4.3-19.30.6.x86_64.rpm b8552a99f0785f1eee434f6d7293731a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-clients-1.4.3-19.30.6.x86_64.rpm 060fac873ba1bc13e4b5b813ae6a6cd2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-servers-1.4.3-19.30.6.x86_64.rpm 28235a5328a8a982e2a1784793a17863 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-client-1.4.3-19.30.6.x86_64.rpm 056f5e479561d2b831e3dd969261f8de ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-1.4.3-19.30.6.x86_64.rpm d81c85af0ca1812c273bbd1c6ddf3cb1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-32bit-1.4.3-19.30.6.x86_64.rpm d17b2d40649a83e28afd6a7a3dec96d6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-server-1.4.3-19.30.6.x86_64.rpm dd8096c153fb51bdd67352cbe8a51953
Sources:
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/krb5-1.6.2-22.4.src.rpm 6ead1c530f58e6255b1c9ba1b78eb3ae
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/krb5-1.5.1-23.14.src.rpm add4417c6743a6dd26f35182e85ee956
SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/krb5-1.4.3-19.30.6.src.rpm 2185d5b60fe733640f16a3a561ec6888
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html
SLE SDK 10 SP1 http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html
SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
Please read our weekly security report.
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package:
1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement
1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command
md5sum <filename.rpm>
after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security@suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2008-0009 Synopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues Issue date: 2008-06-04 Updated on: 2008-06-04 (initial release of advisory) CVE numbers: CVE-2007-5671 CVE-2008-0967 CVE-2008-2097 CVE-2008-2100 CVE-2006-1721 CVE-2008-0553 CVE-2007-5378 CVE-2007-4772 CVE-2008-0888 CVE-2008-0062 CVE-2008-0063 CVE-2008-0948
- Summary:
Several critical security vulnerabilities have been addressed in patches in ESX and in the newest releases of VMware's hosted product line.
- Relevant releases:
VMware Workstation 6.0.3 and earlier, VMware Workstation 5.5.6 and earlier, VMware Player 2.0.3 and earlier, VMware Player 1.0.6 and earlier, VMware ACE 2.0.3 and earlier, VMware ACE 1.0.5 and earlier, VMware Server 1.0.5 and earlier, VMware Fusion 1.1.1 and earlier
VMware ESXi 3.5 without patches ESXe350-200805501-I-SG, ESXe350-200805502-T-SG, ESXe350-200805503-C-SG
VMware ESX 3.5 without patches ESX350-200805515-SG, ESX350-200805508-SG, ESX350-200805501-BG, ESX350-200805504-SG, ESX350-200805506-SG, ESX350-200805505-SG, ESX350-200805507-SG
VMware ESX 3.0.2 without patches ESX-1004727, ESX-1004821, ESX-1004216, ESX-1004726, ESX-1004722, ESX-1004724, ESX-1004719, ESX-1004219
VMware ESX 3.0.1 without patches ESX-1004186, ESX-1004728, ESX-1004725, ESX-1004721, ESX-1004723, ESX-1004190, ESX-1004189
VMware ESX 2.5.5 without update patch 8 VMware ESX 2.5.4 without update patch 19
NOTES: Hosted products VMware Workstation 5.x, VMware Player 1.x, and VMware ACE 1.x will reach end of general support 2008-11-09. Customers should plan to upgrade to the latest version of their respective products.
ESX 3.0.1 is in Extended Support and its end of extended
support (Security and Bug fixes) is 2008-07-31. Users should plan
to upgrade to at least 3.0.2 update 1 and preferably the newest
release available before the end of extended support.
ESX 2.5.4 is in Extended Support and its end of extended support
(Security and Bug fixes) is 2008-10-08. Users should plan to upgrade
to at least 2.5.5 and preferably the newest release available before
the end of extended support.
- Problem description:
a. VMware Tools Local Privilege Escalation on Windows-based guest OS
The VMware Tools Package provides support required for shared folders
(HGFS) and other features.
An input validation error is present in the Windows-based VMware
HGFS.sys driver. Exploitation of this flaw might result in
arbitrary code execution on the guest system by an unprivileged
guest user. It doesn't matter on what host the Windows guest OS
is running, as this is a guest driver vulnerability and not a
vulnerability on the host.
The HGFS.sys driver is present in the guest operating system if the
VMware Tools package is loaded. Even if the host has HGFS disabled
and has no shared folders, Windows-based guests may be affected. This
is regardless if a host supports HGFS.
This issue could be mitigated by removing the VMware Tools package
from Windows based guests. However this is not recommended as it
would impact usability of the product.
NOTE: Installing the new hosted release or ESX patches will not
remediate the issue. The VMware Tools packages will need
to be updated on each Windows-based guest followed by a
reboot of the guest system.
VMware would like to thank iDefense and Stephen Fewer of Harmony
Security for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-5671 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
Workstation 6.x Windows not affected
Workstation 6.x Linux not affected
Workstation 5.x Windows 5.5.6 build 80404 or later
Workstation 5.x Linux 5.5.6 build 80404 or later
Player 2.x Windows not affected
Player 2.x Linux not affected
Player 1.x Windows 1.0.6 build 80404 or later
Player 1.x Linux 1.0.6 build 80404 or later
ACE 2.x Windows not affected
ACE 1.x Windows 1.0.5 build 79846 or later
Server 1.x Windows 1.0.5 build 80187 or later
Server 1.x Linux 1.0.5 build 80187 or later
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX not affected
ESX 3.0.2 ESX ESX-1004727
ESX 3.0.1 ESX ESX-1004186
ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 5 or later
ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 16 or later
b. Privilege escalation on ESX or Linux based hosted operating systems
This update fixes a security issue related to local exploitation of
an untrusted library path vulnerability in vmware-authd. In order to
exploit this vulnerability, an attacker must have local access and
the ability to execute the set-uid vmware-authd binary on an affected
system. Exploitation of this flaw might result in arbitrary code
execution on the Linux host system by an unprivileged user.
VMware would like to thank iDefense for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0967 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
Workstation 6.x Windows not affected
Workstation 6.x Linux 6.0.4 build 93057
Workstation 5.x Windows not affected
Workstation 5.x Linux 5.5.7 build 91707
Player 2.x Windows not affected
Player 2.x Linux 2.0.4 build 93057
Player 1.x Windows not affected
Player 1.x Linux 1.0.7 build 91707
ACE 2.x Windows not affected
ACE 1.x Windows not affected
Server 1.x Windows not affected
Server 1.x Linux 1.0.6 build 91891
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi ESXe350-200805501-I-SG
ESX 3.5 ESX ESX350-200805515-SG
ESX 3.0.2 ESX ESX-1004821
ESX 3.0.1 ESX ESX-1004728
ESX 2.5.5 ESX ESX 2.5.5 update patch 8
ESX 2.5.4 ESX ESX 2.5.4 update patch 19
c. Openwsman Invalid Content-Length Vulnerability
Openwsman is a system management platform that implements the Web
Services Management protocol (WS-Management). It is installed and
running by default. It is used in the VMware Management Service
Console and in ESXi.
The openwsman management service on ESX 3.5 and ESXi 3.5 is vulnerable
to a privilege escalation vulnerability, which may allow users with
non-privileged ESX or Virtual Center accounts to gain root privileges.
To exploit this vulnerability, an attacker would need a local ESX
account or a VirtualCenter account with the Host.Cim.CimInteraction
permission.
Systems with no local ESX accounts and no VirtualCenter accounts with
the Host.Cim.CimInteraction permission are not vulnerable.
This vulnerability cannot be exploited by users without valid login
credentials.
Discovery: Alexander Sotirov, VMware Security Research
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-2097 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi ESXe350-200805501-I-SG
ESX 3.5 ESX ESX350-200805508-SG
ESX 3.0.2 ESX not affected
ESX 3.0.1 ESX not affected
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
NOTE: VMware hosted products are not affected by this issue.
d. VMware VIX Application Programming Interface (API) Memory Overflow Vulnerabilities
The VIX API (also known as "Vix") is an API that lets users write scripts
and programs to manipulate virtual machines.
Multiple buffer overflow vulnerabilities are present in the VIX API.
Exploitation of these vulnerabilities might result in code execution on
the host system or on the service console in ESX Server from the guest
operating system.
The VIX API can be enabled and disabled using the "vix.inGuest.enable"
setting in the VMware configuration file. This default value for this
setting is "disabled". This configuration setting is present in the
following products:
VMware Workstation 6.0.2 and higher
VMware ACE 6.0.2 and higher
VMware Server 1.06 and higher
VMware Fusion 1.1.2 and higher
ESX Server 3.0 and higher
ESX Server 3.5 and higher
In previous versions of VMware products where the VIX API was introduced,
the VIX API couldn't be disabled.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-2100 to this issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
VIX API 1.1.x Windows VMware-vix-1.1.4-93057.exe
VIX API 1.1.x Linux VMware-vix-1.1.4-93057.i386.tar.gz
VIX API 1.1.x Linux64 VMware-vix-1.1.4-93057.x86_64.tar.gz
Workstation 6.x Windows 6.0.4 build 93057
Workstation 6.x Linux 6.0.4 build 93057
Workstation 5.x Windows 5.5.7 build 91707
Workstation 5.x Linux 5.5.7 build 91707
Player 2.x Windows 2.0.4 build 93057
Player 2.x Linux 2.0.4 build 93057
Player 1.x Windows 1.0.6 build 91707
Player 1.x Linux 1.0.6 build 91707
ACE 2.x Windows 2.0.4 build 93057
ACE 1.x Windows not affected
Server 1.x Windows 1.0.6 build 91891
Server 1.x Linux 1.0.6 build 91891
Fusion 1.x Mac OS/X 1.1.2 build 87978 or later
ESXi 3.5 ESXi ESXe350-200805501-I-SG,
ESXe350-200805502-T-SG
ESX 3.5 ESX ESX350-200805501-BG
ESX 3.0.2 ESX ESX-1004216, ESX-1004726, ESX-1004727
ESX 3.0.1 ESX ESX-1004186, ESX-1004725
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
II Service Console rpm updates
NOTE: ESXi and hosted products are not affected by any service console security updates
a. Security update for cyrus-sasl
Updated cyrus-sasl package for the ESX Service Console corrects a security
issue found in the DIGEST-MD5 authentication mechanism of Cyrus'
implementation of Simple Authentication and Security Layer (SASL).
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-1721 to this issue.
RPMs Updated:
cyrus-sasl-2.1.15-15.i386.rpm
cyrus-sasl-md5-2.1.15-1.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805504-SG
ESX 3.0.2 ESX ESX-1004722
ESX 3.0.1 ESX ESX-1004721
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
b. Security update for tcltk
An input validation flaw was discovered in Tk's GIF image handling. A
code-size value read from a GIF image was not properly validated before
being used, leading to a buffer overflow. A specially crafted GIF file
could use this to cause a crash or, potentially, execute code with the
privileges of the application using the Tk graphical toolkit.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2008-0553 to this issue.
A buffer overflow flaw was discovered in Tk's animated GIF image handling.
An animated GIF containing an initial image smaller than subsequent images
could cause a crash or, potentially, execute code with the privileges of
the application using the Tk library.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-5378 to this issue.
A flaw first discovered in the Tcl regular expression engine used in the
PostgreSQL database server, resulted in an infinite loop when processing
certain regular expressions.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-4772 to this issue.
RPM Updated:
tcl-8.3.5-92.8.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805506-SG
ESX 3.0.2 ESX ESX-1004724
ESX 3.0.1 ESX ESX-1004723
ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8
ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19
c. Security update for unzip
This patch includes a moderate security update to the service console that
fixes a flaw in unzip. An attacker could execute malicious code with a
user's privileges if the user ran unzip on a file designed to leverage
this flaw.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2008-0888 to this issue.
RPM Updated:
Unzip-5.50-36.EL3.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805505-SG
ESX 3.0.2 ESX ESX-1004719
ESX 3.0.1 ESX ESX-1004190
ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8
ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19
d.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0062 to this issue.
NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable
to this issue.
NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable
to this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0948 to this issue.
RPM Updated:
krb5-libs-1.2.7-68.i386.rpm
VMware Product Running Replace with/
Product Version on Apply Patch
============ ======== ======= =================
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200805507-SG
ESX 3.0.2 ESX ESX-1004219
ESX 3.0.1 ESX ESX-1004189
ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8
ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19
- Solution:
Please review the release notes for your product and version and verify the md5sum of your downloaded file.
VMware Workstation 6.0.4
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Windows binary md5sum: f50a05831e94c19d98f363c752fca5f9
RPM Installation file for 32-bit Linux md5sum: e7793b14b995d3b505f093c84e849421
tar Installation file for 32-bit Linux md5sum: a0a8e1d8188f4be03357872a57a767ab
RPM Installation file for 64-bit Linux md5sum: 960d753038a268b8f101f4b853c0257e
tar Installation file for 64-bit Linux md5sum: 4697ec8a9d6c1152d785f3b77db9d539
VMware Workstation 5.5.7
http://www.vmware.com/download/ws/ws5.html Release notes: http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Windows binary: md5sum: 4c6a6653b7296240197aac048591c659
Compressed Tar archive for 32-bit Linux md5sum: 8fc15d72031489cf5cd5d47b966787e6
Linux RPM version for 32-bit Linux md5sum: f0872fe447ac654a583af16b2f4bba3f
VMware Player 2.0.4 and 1.0.7
http://www.vmware.com/download/player/ Release notes Player 1.x: http://www.vmware.com/support/player/doc/releasenotes_player.html Release notes Player 2.0 http://www.vmware.com/support/player2/doc/releasenotes_player2.html
2.0.4 Windows binary md5sum: a117664a8bfa7336b846117e5fc048dd
VMware Player 2.0.4 for Linux (.rpm) md5sum: de6ab6364a0966b68eadda2003561cd2
VMware Player 2.0.4 for Linux (.tar) md5sum: 9e1c2bfda6b22a3fc195a86aec11903a
VMware Player 2.0.4 - 64-bit (.rpm) md5sum: 997e5ceffe72f9ce9146071144dacafa
VMware Player 2.0.4 - 64-bit (.tar) md5sum: 18eb4ee49dd7e33ec155ef69d7d259ef
1.0.7 Windows binary md5sum: 51114b3b433dc1b3bf3e434aebbf2b9c
Player 1.0.7 for Linux (.rpm) md5sum: 3b5f97a37df3b984297fa595a5cdba9c
Player 1.0.7 for Linux (.tar) md5sum: b755739144944071492a16fa20f86a51
VMware ACE
http://www.vmware.com/download/ace/ Release notes 2.0: http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
VMware-workstation-6.0.4-93057.exe md5sum: f50a05831e94c19d98f363c752fca5f9
VMware-ACE-Management-Server-Appliance-2.0.4-93057.zip md5sum: d2ae2246f3d87268cf84c1421d94e86c
VMware-ACE-Management-Server-2.0.4-93057.exe md5sum: 41b31b3392d5da2cef77a7bb28654dbf
VMware-ACE-Management-Server-2.0.4-93057.i386-rhel4.rpm md5sum: 9920be4c33773df53a1728b41af4b109
VMware-ACE-Management-Server-2.0.4-93057.i386-sles9.rpm md5sum: 4ec4c37203db863e8844460b5e80920b
Release notes 1.x: http://www.vmware.com/support/ace/doc/releasenotes_ace.html
VMware-ACE-1.0.6-89199.exe md5sum: 110f6e24842a0d154d9ec55ef9225f4f
VMware Server 1.0.6
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server/doc/releasenotes_server.html
VMware Server for Windows 32-bit and 64-bit md5sum: 3e00d5cfae123d875e4298bddabf12f5
VMware Server Windows client package md5sum: 64f3fc1b4520626ae465237d7ec4773e
VMware Server for Linux md5sum: 46ea876bfb018edb6602a921f6597245
VMware Server for Linux rpm md5sum: 9d2f0af908aba443ef80bec8f7ef3485
Management Interface md5sum: 1b3daabbbb49a036fe49f53f812ef64b
VMware Server Linux client package md5sum: 185e5b174659f366fcb38b1c4ad8d3c6
VMware Fusion 1.1.3
http://www.vmware.com/download/fusion/ Release notes: http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html md5sum: D15A3DFD3E7B11FC37AC684586086D
VMware VIX 1.1.4
http://www.vmware.com/support/developer/vix-api/ Release notes: http://www.vmware.com/support/pubs/vix-api/VIXAPI-1.1.4-Release-Notes.html VMware-vix-1.1.4-93057.exe md5sum: 2efb74618c7ead627ecb3b3033e3f9f6
VMware-vix-1.1.4-93057.i386.tar.gz md5sum: 988df2b2bbc975a6fc11f27ad1519832
VMware-vix-1.1.4-93057.x86_64.tar.gz md5sum: a64f951c6fb5b2795a29a5a7607059c0
ESXi
VMware ESXi 3.5 patch ESXe350-200805501-O-SG (authd, openwsman, VIX) http://download3.vmware.com/software/esx/ESXe350-200805501-O-SG.zip md5sum: 4ce06985d520e94243db1e0504a56d8c http://kb.vmware.com/kb/1005073 http://kb.vmware.com/kb/1004173 http://kb.vmware.com/kb/1004172
NOTE: ESXe350-200805501-O-SG contains the following patch bundles: ESXe350-200805501-I-SG, ESXe350-200805502-T-SG, ESXe350-200805503-C-SG
ESX
VMware ESX 3.5 patch ESX350-200805515-SG (authd) http://download3.vmware.com/software/esx/ESX350-200805515-SG.zip md5sum: 324b50ade230bcd5079a76e3636163c5 http://kb.vmware.com/kb/1004170
VMware ESX 3.5 patch ESX350-200805508-SG (openwsman) http://download3.vmware.com/software/esx/ESX350-200805508-SG.zip md5sum: 3ff8c06d4a9dd406f64f89c51bf26d12 http://kb.vmware.com/kb/1004644
VMware ESX 3.5 patch ESX350-200805501-BG (VIX) http://download3.vmware.com/software/esx/ESX350-200805501-BG.zip md5sum: 31a620aa249c593c30015b5b6f8c8650 http://kb.vmware.com/kb/1004637
VMware ESX 3.5 patch ESX350-200805504-SG (cyrus-sasl) http://download3.vmware.com/software/esx/ESX350-200805504-SG.zip md5sum: 4c1b1a8dcb09a636b55c64c290f7de51 http://kb.vmware.com/kb/1004640
VMware ESX 3.5 patch ESX350-200805506-SG (tcltk) http://download3.vmware.com/software/esx/ESX350-200805506-SG.zip md5sum: af279eef8fdeddb7808630da1ae717b1 http://kb.vmware.com/kb/1004642
VMware ESX 3.5 patch ESX350-200805505-SG (unzip) http://download3.vmware.com/software/esx/ESX350-200805505-SG.zip md5sum: 07af82d9fd97cccb89d9b90c6ecc41c6 http://kb.vmware.com/kb/1004641
VMware ESX 3.5 patch ESX350-200805507-SG (krb5) http://download3.vmware.com/software/esx/ESX350-200805507-SG.zip md5sum: 5d35a1c470daf13c9f4df5bdc9438748 http://kb.vmware.com/kb/1004643
VMware ESX 3.0.2 patch ESX-1004727 (HGFS,VIX) http://download3.vmware.com/software/vi/ESX-1004727.tgz md5sum: 31a67b0fa3449747887945f8d370f19e http://kb.vmware.com/kb/1004727
VMware ESX 3.0.2 patch ESX-1004821 (authd) http://download3.vmware.com/software/vi/ESX-1004821.tgz md5sum: 5c147bedd07245c903d44257522aeba1 http://kb.vmware.com/kb/1004821
VMware ESX 3.0.2 patch ESX-1004216 (VIX) http://download3.vmware.com/software/vi/ESX-1004216.tgz md5sum: 0784ef70420d28a9a5d6113769f6669a http://kb.vmware.com/kb/1004216
VMware ESX 3.0.2 patch ESX-1004726 (VIX) http://download3.vmware.com/software/vi/ESX-1004726.tgz md5sum: 44f03b274867b534cd274ccdf4630b86 http://kb.vmware.com/kb/1004726
VMware ESX 3.0.2 patch ESX-1004722 (cyrus-sasl) http://download3.vmware.com/software/vi/ESX-1004722.tgz md5sum: 99dc71aed5bab7711f573b6d322123d6 http://kb.vmware.com/kb/1004722
VMware ESX 3.0.2 patch ESX-1004724 (tcltk) http://download3.vmware.com/software/vi/ESX-1004724.tgz md5sum: fd9a160ca7baa5fc443f2adc8120ecf7 http://kb.vmware.com/kb/1004724
VMware ESX 3.0.2 patch ESX-1004719 (unzip) http://download3.vmware.com/software/vi/ESX-1004719.tgz md5sum: f0c37b9f6be3399536d60f6c6944de82 http://kb.vmware.com/kb/1004719
VMware ESX 3.0.2 patch ESX-1004219 (krb5) http://download3.vmware.com/software/vi/ESX-1004219.tgz md5sum: 7c68279762f407a7a5ee151a650ebfd4 http://kb.vmware.com/kb/1004219
VMware ESX 3.0.1 patch ESX-1004186 (HGFS,VIX) http://download3.vmware.com/software/vi/ESX-1004186.tgz md5sum: f64389a8b97718eccefadce1a14d1198 http://kb.vmware.com/kb/1004186
VMware ESX 3.0.1 patch ESX-1004728 (authd) http://download3.vmware.com/software/vi/ESX-1004728.tgz md5sum: 1f01bb819805b855ffa2ec1040eff5ca http://kb.vmware.com/kb/1004728
VMware ESX 3.0.1 patch ESX-1004725 (VIX) http://download3.vmware.com/software/vi/ESX-1004725.tgz md5sum: 9fafb04c6d3f6959e623832f539d2dc8 http://kb.vmware.com/kb/1004725
VMware ESX 3.0.1 patch ESX-1004721 (cyrus-sasl) http://download3.vmware.com/software/vi/ESX-1004721.tgz md5sum: 48190819b0f5afddefcb8d209d12b585 http://kb.vmware.com/kb/1004721
VMware ESX 3.0.1 patch ESX-1004723 (tcltk) http://download3.vmware.com/software/vi/ESX-1004723.tgz md5sum: c34ca0a5886e0c0917a93a97c331fd7d http://kb.vmware.com/kb/1004723
VMware ESX 3.0.1 patch ESX-1004190 (unzip) http://download3.vmware.com/software/vi/ESX-1004190.tgz md5sum: 05187b9f534048c79c62741367cc0dd2 http://kb.vmware.com/kb/1004190
VMware ESX 3.0.1 patch ESX-1004189 (krb5) http://download3.vmware.com/software/vi/ESX-1004189.tgz md5sum: 21b620530b99009f469c872e73a439e8 http://kb.vmware.com/kb/1004189
VMware ESX 2.5.5 Upgrade Patch 8 http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz md5sum: 392b6947fc3600ca0e8e7788cd5bbb6e http://vmware.com/support/esx25/doc/esx-255-200805-patch.html
VMware ESX 2.5.4 Upgrade Patch 19 http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz md5sum: 442788fd0bccb0d994c75b268bd12760 http://vmware.com/support/esx25/doc/esx-254-200805-patch.html
- References:
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5671 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0967 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948
- Change log:
2008-06-04 VMSA-2008-0009 Initial release
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce@lists.vmware.com
- bugtraq@securityfocus.com
- full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIRs08S2KysvBH1xkRCMxFAJ0WJX76quFzCV+avwupq3Lu72UKigCfRftj CZvxoXw/sZxDCSDjVzYAhrA= =s04s -----END PGP SIGNATURE----- .
II.
III. Solution
Install updates from your vendor
Check with your vendors for patches or updates. For information about a vendor, please see the systems affected section in vulnerability notes VU#895609 and VU#374121 or contact your vendor directly. Administrators who compile MIT Kerberos from source should refer to MIT Security Advisory 2008-002 for more information.
IV. References
-
US-CERT Vulnerability Note VU#895609 - http://www.kb.cert.org/vuls/id/895609
-
US-CERT Vulnerability Note VU#374121 - http://www.kb.cert.org/vuls/id/374121
-
MIT krb5 Security Advisory 2008-002 - http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt2
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-079B.html>
Feedback can be directed to US-CERT Technical Staff.
Produced 2008 by US-CERT, a government organization.
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center.
-
Jeff Altman (Secure Endpoints) discovered a buffer overflow in the RPC library server code, used in the kadmin server, caused when too many file descriptors are opened (CVE-2008-0947).
-
Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI library: usage of a freed variable in the gss_indicate_mechs() function (CVE-2007-5901) and a double free() vulnerability in the gss_krb5int_make_seal_token_v3() function (CVE-2007-5971). These bugs can only be triggered when Kerberos 4 support is enabled. This bug can only be triggered in configurations that allow large numbers of open file descriptors in a process.
Workaround
Kerberos 4 support can be disabled via disabling the "krb4" USE flag and recompiling the ebuild, or setting "v4_mode=none" in the [kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around the KDC related vulnerabilities.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
[ 1 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 3 ] CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 [ 4 ] CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 [ 5 ] CVE-2008-0947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200803-0028", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: null, trust: 1.6, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 1.6, vendor: "ubuntu", version: null, }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "7", }, { model: "linux", scope: "eq", trust: 1, vendor: "suse", version: "10.1", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "3.1", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "4.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "8", }, { model: "opensuse", scope: "eq", trust: 1, vendor: "opensuse", version: "10.3", }, { model: "mac os x", scope: "lt", trust: 1, vendor: "apple", version: "10.4.11", }, { model: "linux enterprise software development kit", scope: "eq", trust: 1, vendor: "suse", version: "10", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "7.04", }, { model: "kerberos 5", scope: "lte", trust: 1, vendor: "mit", version: "1.6.3", }, { model: "mac os x", scope: "gte", trust: 1, vendor: "apple", version: "10.5.0", }, { model: "mac os x", scope: "lt", trust: 1, vendor: "apple", version: "10.5.2", }, { model: "linux enterprise desktop", scope: "eq", trust: 1, vendor: "suse", version: "10", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "6.06", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "6.10", }, { model: "mac os x server", scope: "lt", trust: 1, vendor: "apple", version: "10.4.11", }, { model: "linux enterprise server", scope: "eq", trust: 1, vendor: "suse", version: "10", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "7.10", }, { model: "mac os x server", scope: "gte", trust: 1, vendor: "apple", version: "10.5.0", }, { model: "opensuse", scope: "eq", trust: 1, vendor: "opensuse", version: "10.2", }, { model: "mac os x server", scope: "lt", trust: 1, vendor: "apple", version: "10.5.2", }, { model: null, scope: null, trust: 0.8, vendor: "apple computer", version: null, }, { model: "apple mac os x server", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "red hat enterprise linux", scope: null, trust: 0.8, vendor: "レッドハット", version: null, }, { model: "red hat linux advanced workstation", scope: null, trust: 0.8, vendor: "レッドハット", version: null, }, { model: "apple mac os x", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "rhel desktop workstation", scope: "eq", trust: 0.8, vendor: "レッドハット", version: "5 (client)", }, { model: "turbolinux server", scope: null, trust: 0.8, vendor: "ターボリナックス", version: null, }, { model: "red hat enterprise linux desktop", scope: null, trust: 0.8, vendor: "レッドハット", version: null, }, { model: "kerberos", scope: null, trust: 0.8, vendor: "mit kerberos", version: null, }, { model: "asianux server", scope: null, trust: 0.8, vendor: "サイバートラスト株式会社", version: null, }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x", scope: "eq", trust: 0.6, vendor: "apple", version: "10.5.2", }, { model: "mac os x server", scope: "eq", trust: 0.6, vendor: "apple", version: "10.4.11", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "CNNVD", id: "CNNVD-200803-310", }, { db: "NVD", id: "CVE-2008-0063", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.6.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.4.11", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.5.2", versionStartIncluding: "10.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.4.11", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.5.2", versionStartIncluding: "10.5.0", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:linux:10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2008-0063", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ken Raeburn", sources: [ { db: "CNNVD", id: "CNNVD-200803-310", }, ], trust: 0.6, }, cve: "CVE-2008-0063", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 4.3, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2008-0063", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-30188", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2008-0063", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2008-0063", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#895609", trust: 0.8, value: "10.10", }, { author: "CARNEGIE MELLON", id: "VU#374121", trust: 0.8, value: "2.87", }, { author: "CNNVD", id: "CNNVD-200803-310", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-30188", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-30188", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "CNNVD", id: "CNNVD-200803-310", }, { db: "NVD", id: "CVE-2008-0063", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka \"Uninitialized stack values.\". Vulnerabilities in the MIT Kerberos libgssrpc library may allow an attacker to cause a denial of service or potentially execute arbitrary code. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. ), which can prevent eavesdropping, prevent replay attacks, etc. If a Kerberos 4 message is truncated, the missing part of the message is replaced with what was previously on the stack, and some parts of the principal name are read from the string in the message. These strings are limited to 40 bytes or the next ASCII NUL found in the buffer. If the KDC returns an error message indicating that the master name was not found in the database, it will include the master name in the error message, which may contain previous stack contents. =========================================================== \nUbuntu Security Notice USN-587-1 March 19, 2008\nkrb5 vulnerabilities\nCVE-2008-0062, CVE-2008-0063, CVE-2008-0947\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libkadm55 1.4.3-5ubuntu0.7\n libkrb53 1.4.3-5ubuntu0.7\n\nUbuntu 6.10:\n libkadm55 1.4.3-9ubuntu1.6\n libkrb53 1.4.3-9ubuntu1.6\n\nUbuntu 7.04:\n libkadm55 1.4.4-5ubuntu3.4\n libkrb53 1.4.4-5ubuntu3.4\n\nUbuntu 7.10:\n libkadm55 1.6.dfsg.1-7ubuntu0.1\n libkrb53 1.6.dfsg.1-7ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that krb5 did not correctly handle certain krb4\nrequests. (CVE-2008-0947)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.diff.gz\n Size/MD5: 1460317 0090e30287f3448ed9babac78c39d5ca\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.dsc\n Size/MD5: 848 237125b6b35a1a059e5573d10fd7c18e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz\n Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.7_all.deb\n Size/MD5: 853222 dfd657a08b13ce0f3916e49ab8e3ce28\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 190904 e9e05267f551177f3c7cae46fdda9565\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 768706 79270ab27ac164fc4c76822e1dc0be2c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 425714 d8467d288bf46cdfa35ba74e6aa0ff02\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 80378 b2d795bc82f8f962ceff0afdd11060da\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 223230 73161771034af58dc6d0cd0c4be72fa8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 60376 f0712ab86caf1d9d9e52ff3750afeddd\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 135158 34b51b738a69c2aeb9df20e0af93e9bc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 85274 265b8ad9968001e5c984743650d635ac\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 67600 bd5c7020310f1bd70f8dc98864c2961c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_amd64.deb\n Size/MD5: 129906 0f0383de4d51d8581a260021c3332f72\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 165730 8128a78d17cd98c4ccfa086b390af167\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 647222 96672590753337d39b1aadc24dac0531\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 381120 af9c45400c55b68778f3b769c238548d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 72298 754b91046e7e47bb0f2aa58cd2ca3797\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 187240 d7e5a8b1a077776309282bc328aab885\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 54326 1137dd0e4209cf7edb38ff327feb342d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 121564 9e36fe3a9567176b2e224a45e55017a0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 75920 cd8854a9ae911eaa1c82eaa945b3d175\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 58720 eaf05e05f40183c066e294bec431bc61\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_i386.deb\n Size/MD5: 119078 67a73b248bf33afee23ffb885f5d2e18\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 177716 b834ad9d37a2e3dfa44d086c6dcbfbc9\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 752002 22dd063609b942c4996c56a3f74b266c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 395914 b4fde9f81a08aa112f48b38f1d7faf9c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 80530 7e55073ee6b67ba12f0ed48d0137e73c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 220582 482d21e5007a1876bf6af64e434b4942\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 59574 4f47514f7992a292c162f40f8a174ee6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 135962 0e23ea255a84c3a580e0d7e6b0da9546\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 85120 e07cf29268ba053833122cca9ed79d8d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 65990 3c4f25017e0760f4dd10404e604087a8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_powerpc.deb\n Size/MD5: 134952 7096226ce8ce15dd20c6ed933888d56e\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 165278 5c8580725c8a200f24173d38dfce388e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 678538 4002d8655a43f5784d5e9c95bc5b4f76\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 368726 5ee45e24f0ac54d79a55c20674b2887f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 73042 672530bb7218c04a67e23d1053757050\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 197404 ea257178102f6b7732ef12538ead3e24\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 56304 855c59021874c714bd4e2605de10d5a6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 124374 7d8f7f84b2c1648b63129ba342389d75\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 76922 142ed0e2c119d596c5437ac8f9042064\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 62350 db681a03624a21a34425fea9f6fa9ade\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_sparc.deb\n Size/MD5: 120620 ebe2ddf8dc131cf6e3322e1cb125f2f3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.diff.gz\n Size/MD5: 1481707 dc6dd5cd6d4a125e2fa70b9ebc3f8b12\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.dsc\n Size/MD5: 883 8fdcf0af1cc631c882a44ae0214e0b6f\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz\n Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.6_all.deb\n Size/MD5: 853934 f3a7a044bedb974b32a46708774ec894\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 190826 7772b734a889ea97cf052de39072cead\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 1073390 bedf0987fe159bc38c30663ad966d0ac\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 772708 5cc8e489a0f6fcca17c3e0d8b9588879\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 428050 11b4c2211b18453bd2a662a297569f49\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 81790 06f349106755cc19cfb3f29fcc7228f8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 224408 59491e595a544a84463a6deec8305f66\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 61620 f58dcb4c09e4c96f3db5bfc8172fdffa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 139116 31943a9766f657fd47ac1aded48d49d6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 87426 1033408d2692b38926947f8ae85e1515\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 68116 291db335b868748c933a7c67e6add6a7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_amd64.deb\n Size/MD5: 130628 a2cb3cd3ee9ede8c3c10e695fd8148af\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 173062 e15aa9368fc4e4ef4562a23cc1780484\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 1024998 798f81a00c59842cbc2c8ea8cd4b9a5e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 673152 671e72c1eb7645dfda924c77949610dd\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 404172 445f952e23f810f6de10773a01fd68ae\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 75380 0b3cd4b087f56ebdd527d61194cf7fc0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 196506 bff3435e0da9aecff7a26d73e712937f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 57136 3fafa3cd2cd2792e740c4d6976a881de\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 129352 7e190df154981717bf711697c5042cd4\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 80102 94a76cc7807e9d6598b4a452a7fbb738\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 61928 b7fdd344e683ce45be88f8fa43290175\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_i386.deb\n Size/MD5: 122208 eb1ec6653d6d790e23dbcc14cd98f5f7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 180126 f8e5d077ee06234bbb9881beb9d49f36\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 1076974 4752e5e87fdcd67fcb0f1ee2c35ddf80\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 758400 73ed6c35fbdcf1866a65a6198df8ca82\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 399112 1fdd3a0a2a45bd410a1f4e72713a0e1e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 82420 446cda40d1590c088e2fc83118a58e13\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 223182 8e6f5f3062fe3cfb113db73bc8a1a89e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 61826 b4ad931a1a1d48b668a972893502cd67\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 141210 8892626a667e0010a0cba8fe19df958f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 87318 c7306114bbb195c221962abc469a1d42\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 67222 b99ea3def960bdc849376c508e263f0d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_powerpc.deb\n Size/MD5: 136888 1c651e27011fa9c25ea87960b40ffe1b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 167176 0f2f57754f3e012257a6fef890a23767\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 957816 2ef6010c70801e7b0dd5e633a08e3fac\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 685238 a68016ffc9abcd0eab3f7f1ae323e83e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 374074 d5ff62adb392f5be8b29c2e1056f6f92\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 75210 9611a07b489b518605a9550b27b3dd7c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 203684 89d989c5db437eba6e9e56fc9bf7dc93\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 58980 b9d7f11d5c491595c90006ae7c039935\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 129664 acf15ad70331066092154952cbd7754a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 80428 8409c34ee32612d48e8936618118bab7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 63612 64b2987c2aee57159bc092c5fe37a25b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_sparc.deb\n Size/MD5: 122730 95db549e03f3bc30995d566f8ea7edac\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.diff.gz\n Size/MD5: 1589880 e20eef948656a29a255b557af6e7817b\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.dsc\n Size/MD5: 968 971223b33ae8631f013c20a3c8867805\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4.orig.tar.gz\n Size/MD5: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.4-5ubuntu3.4_all.deb\n Size/MD5: 1806176 c34d13b6877a21c426a85719a6ecf6a0\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 194368 2b6345b614c38e353a3ec4abd2957e6d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 1076886 d4e2d9d77afd78df99d96a6541730527\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 772608 c3f93d5b94e84df6faac86b701f9836c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 436580 f7e6430bf6f628592596b44e7341af30\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 83772 ad232225b5bbc88f1e0f5bd55916de24\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 226770 34e47342c392be9006254e15fc0258e3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 62258 c71fecc4d7bd6e3191c08a19cbf07aa5\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 141840 33ec180078e9b8e1f80fca5f26c1d558\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 88380 64572d633f1a84999b2205bd6958206c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 68890 dcabc2bcaac75b7e226c9090a82207a0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_amd64.deb\n Size/MD5: 132614 f129069e4dd68ccf7801c717603713ef\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 176870 9e0e200bdff3119ef8488f9a5bf62e7c\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 1031008 8a80209f195b2eb787236e0dcd8aaa23\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 672020 7b5b4e1643b5802b2bbfab006d0e6d7a\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 412036 213c308bef9eaa6762ab755da6e7442a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 77328 295e5ed2c0c2366fc6b3d343607ae431\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 199040 1b0a50f1bf8e421d9838acea254c6c26\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 57780 96ae66401532d513b4333c3429f6e2eb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 131900 fc29493488e6311a94cfa5ec2c5ac7a8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 81008 0c2bd14ee6534cad097d5d80200cc94a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 62650 8d1f1316f52fe066626f0fde07f8b990\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_i386.deb\n Size/MD5: 124088 de985ccf04486e2043c2324affbb18af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 194590 f63db5ccc5825220d5014b1d7eda0ebe\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 1082008 3501eca4bc0d14b39fbc662ee20ab7cb\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 757006 169816425e730c69266d39518fb718f8\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 429982 24a79674c75e6f9731d34468ad86e27c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 90254 936f19b572498c2de200fd3e323657de\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 240274 eb844e20839937a3ccad330429ba1840\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 65452 dffc482a088d83a0100e78e69f332bb8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 153794 308fc25b452cb374f7b45a472784761b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 96692 9566a692d6f8a6d47e9f60e25d13927d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 70680 4949b60728fc08134113f744738a293c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_powerpc.deb\n Size/MD5: 150262 dbf317c0added0c3faae6710b8026fc8\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 170940 967a1344994914065dc904da571a2aef\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 965784 bd503df54b8c9afcb4e5a6a375ce7fa8\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 683396 939cb2731116dc8718ea4ebc996b5c7e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 380910 5b46d8169ecc2409caad5dd4feacdc2b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 79084 e3da961bcea67ff2c217008d141075cf\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 210904 688aeb4162f4dcf86768ddd299cf6625\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 60996 e20fcf5e2b4bab548fe8e0836aff86eb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 135846 55612458a19bd82331991bbb672f74e9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 84546 f1fc527ed376549516113ae94ca7d0fb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 65282 7726043628cc103faccb839be0def042\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_sparc.deb\n Size/MD5: 127130 edddba0066c5bab862847c750a231a51\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.diff.gz\n Size/MD5: 1674637 40fa0c4bdf307c7e5d9509be9870434e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.dsc\n Size/MD5: 1044 2c6766c8721cf2e3caa259cdb5badf10\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1.orig.tar.gz\n Size/MD5: 14474321 8f8d6a494380f01a7a0a9236162afa52\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.1-7ubuntu0.1_all.deb\n Size/MD5: 2076606 1c021446b5f479717a4998df0f87f205\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 165034 78f040deebe1683f8966347e9896fce8\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 1308970 04db0004a99e7e0d01b37d922f47df1e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 88606 6509d222135bfaa05ebf79db1f63c2a7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 493016 54a329e5f8464d5f519ac225f4d5d778\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 87824 cac8d5d1297bb71c52a877cf0b85c393\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 228534 d6c15467cf49d74831ac0ea494eec6f9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 65864 563aaa90bffe6ff07ff8db56cff826f8\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 185182 e1f4910f7b6fca6655696a0bb7169d7b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 91334 c1c20f704f98f19212cfa70ac9edf193\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 72950 de7748ddb5f7cd3f0744eb77770fa3e0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_amd64.deb\n Size/MD5: 137592 99c3b6d671ae7f0439f379d5b2688659\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 148364 a3e27e81c7e81f627d05c708faae402d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 1266912 2696e89ea8cf6e857e36ee740fb65ea0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 88624 9970f2076c76427dd0cbf217b6a6bba0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 462068 bd3623332d7737858d0fe5918ef8838d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 81192 d4a4e0e7358f626abc0dbb81575071f6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 199624 5a24164123aaea818f2d40c41186fdf7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 61098 8cc21c42ff5dd534f7158c4c750a498e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 172178 319f2ba5ea41bb97a125049f17154ac4\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 83634 049a305ea62a45ec23b65dbcd04e85fb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 66538 a0c51897ca2c55ee7ec2447465121f5e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_i386.deb\n Size/MD5: 128624 df48b843cf7ab20fc4696d36bba2fe6e\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 162676 0c11613a3d49190eb92074c27833f4c6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 1320150 c2a537a9acf0ebf7b08764506136d37e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 88634 eedc4522ba18dfed6fd2483cf8dd0379\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 482868 4d015493346726e61cd0cf9525e2b1e5\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 94492 50526cbb8952316a7b9195edcf148fd3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 241802 99608692096cfa0e88372013a1b41517\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 68960 fc1d60376ba03106488b098f4b5ea624\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 198522 24b5f7bb74e3d978888dd1cdd065f881\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 99412 ca441f559a1e11b55c3ef52c54ede8ca\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 74666 0657bf76d80f969330c5391d65291baa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_powerpc.deb\n Size/MD5: 155750 967a3ce3bc4fe5383a2a4f6a54ac686a\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 145672 b78635a0dbdb4d4d76c7e6d7ee4cb2fa\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 1200060 c280c5257a62a657ba79ac09ed62e4ff\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 88620 9b75ff80509a5b3435f7d6f30b19ac9b\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 431168 3c7606d6ced441110ab47b16de3542fc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 83030 cc47e0b9c435c5802a2352cb203c435c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 211104 bed40b53469b42c5a65a1f0640ae4d2f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 64404 13877024ad747d0ce0a696210217f170\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 172948 8fd8903c9b1caa12ebe73c7c6f86de98\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 87474 c3f94c62f987a7a6d50f9d5344e59cff\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 69196 97040973c460c004ee83b7ba19ddfc88\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_sparc.deb\n Size/MD5: 131692 c12abe7485457bcd0ebe5cf3ecfcc850\n\n. It is theoretically possible for the exposed\ninformation to include secret key data on some platforms. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.4.4-7etch5. \n\nFor the old stable distribution (sarge), these problems have been fixed\nin version krb5 1.3.6-2sarge6. \n\nWe recommend that you upgrade your krb5 packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz\n Size/MD5 checksum: 6526510 7974d0fc413802712998d5fc5eec2919\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz\n Size/MD5 checksum: 673705 93382126a3c73ac44ed7daa7d85f166d\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc\n Size/MD5 checksum: 782 0391aaf485ef1636ef18c6ba183c3fbe\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb\n Size/MD5 checksum: 718916 ca2fb37b53a19207f1e1f1de90c4c1f3\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 137834 d43e9d3f3ef65fe8c8cbbb7b5dcbd144\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 177730 947fb82dd795f9272935ea4cb027e543\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 124864 4f1d0aa9d18013023f4a9f2b9a10db65\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 104886 15037693de0d9dc27460d713b547872a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 63606 c4cfe2b01bfe0b579b216210817c4fa3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 369420 c8d1eaf98400880ff82f727fe20f90cd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 82806 30230dfe2605b88fdeac8811d408acdb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 57048 741292984684fddae11e130dcd388161\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 652378 d8f3493f4354e0b3717ffc72d6592b88\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb\n Size/MD5 checksum: 216990 0df13c59411cf57b86bd94e250cf458e\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 115684 ef39b71c5ecf4187e24d27c1111c9a54\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 633330 08566aa29ab8d56e26070137a16731a4\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 158874 4f60129aa092ea3d750deb168299abe7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 54134 e23173f4ad3a59af03fbab0369a714a9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 58252 255394fcc06d13b6dabc2e87c91dac02\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 198848 aaba0529c817ff11728515f5a116f71b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 126814 85d31333aa01c4ab1f7b14ffaaa4c08b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 74940 706b7cbfb01d66cbdb371a9019b3f725\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 329190 a661364db9bd2d5c5340a0c6a5c939f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb\n Size/MD5 checksum: 93938 04dc96993c79d0113a0626a4439c8cbf\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 125154 afd4a9608fff5b1b3e793881bb2c9c2c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 64286 b85cf8b5680c12c093ff34150623a3a0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 59368 3df43bbb40e060d0522495ff3e78412d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 669644 50027bd1d314e911c4a91647989fad1e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 104948 a013d1818ed8d6dd7d75a8ac11e795f9\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 187304 401a8e21722c104f3d3aae86cf3640e9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 383876 d50afad26c9a0416fe47dfdf5ff649f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 81992 b6c84f121f66616f578b13a3f0c654ca\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 139202 4972377b638f980ad757128f14132874\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb\n Size/MD5 checksum: 224154 8a8436e210dd8892487ea482a1de6522\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 116324 445bced4eb764a78e51b68e4d7558363\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 574784 40fa136876b3219e55de089340c0c85e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 52890 a6ae74be5b338ab7f215d0846353833e\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 165726 4b2485d3b8a50cd61ffcd2e0748d70fe\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 349416 2f33d4592484a2adf276fd29cfe9d728\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 127878 7232e14b8bc1d78fa4346b4ed393a3b9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 95656 00f7666dac13adf2a7bfc81c9d801f2f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 191526 d8613e5a3d87838ee7155f54c1c12f3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 57762 2baa509aad5f6b837753e5a3e65e63f1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb\n Size/MD5 checksum: 75890 5e52830c36794bb8ed2cdd14611ec690\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 134332 473be671406f747295c4a94d3f2ca3c5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 289396 c95c79f18a2a8cb78131a35073c09ebe\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 890018 a9ca82650f5f96ac66d2b4436b0d1345\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 167350 f448dced91316668c1d33d6a0776eb2c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 240384 5dc95c9ea35a7b052041e177114c5acf\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 79982 8980a39a06eeca5ef5adb623786742a2\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 73692 039a88dc8793fa4de6e461408cde62bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 105008 273a9dbaf7a4882f39ebd9de527f76fb\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 502382 97f1d32991c1778752bad887f4029990\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb\n Size/MD5 checksum: 165288 7d2e3c354cc50db22fc34a396902690f\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 71116 2f35c57d9f24856b013e27b0eef24a25\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 516020 203205bb2e6f66161c2aa98746687190\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 49768 39d4529ec4e27e2fdc75de762c5643fa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 107660 0659ab018fbf062504348fc63ef97cc6\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 147864 b86ebef3ec1541aeabc20be31e503049\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 305872 1fc4f6385b5196c1c892731eac06f5b3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 122106 c60b71edc9196adda91d40c4b84a908e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 174180 6d750c072a8d641bd661ea5c688199f3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 53478 74055ea66e27e24d79c824691da8fe0f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb\n Size/MD5 checksum: 88692 074a5c747c652e7ce8d911077ca5586c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 145108 f432457761497dcfd8e1ba6fe7ac43fa\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 164386 512e3b183ffc5f121f82981f32235377\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 57750 d827cf9980ed4eba196dedf93e7d9b5d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 680860 b4718176172f14d54d2a4662ae28e534\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 128738 a9592a522e7cc0f6db4c121ac04db438\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 65060 9b5613121aff8f341cb2dc3786b28d78\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 103404 eb3ca8cddb900bd4dfdb10b67ca9622c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 225708 d09d386a5705b48584ffd51b0127883d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 355178 359ca6a220b6a9e7af7b949e7a64fb5d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb\n Size/MD5 checksum: 80956 407fec89580608afebb4ff89d95bdf72\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 146678 76f8820a81a1c068ab60348f1302d087\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 103808 db8b0c06f58646093ca80554061cc0d1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 65266 c27b18832cafb60109ba97e529706a53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 226540 0ddfa3be4f63eeb0066682928c193996\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 82060 2479f67cadc3533fb499507fc1977b5d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 355120 d1644230bb4cc0788a04f5f0c8eb961c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 58164 5dcd7db602701983272b2fbb0db88864\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 130098 472042e34a7ac48352205df510767ddd\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 165632 3074194d27a16bd4e737a9462d6a217a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb\n Size/MD5 checksum: 682776 b0046283d8860fc6c8fe968b335ff463\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 61758 9496fefe85772ad549b84ae523c56e77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 217812 c5aa73b8513a3698002cc3cedfeff012\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 105320 3677c003bd4c271bbe3daef5cf8f52df\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 143838 61244dbf640bd19ee1cc738ee7b44b34\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 57018 9afa2ba534be545b9d76d1f69c8e5468\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 165746 74c29add119101782727226dc9200db0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 634906 93dd67378ead6cb763cc304516cbf632\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 353104 c5b16a1f26d01435b2bcb540b5b97730\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 82702 f728717a6a25b233526ad69934e376f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb\n Size/MD5 checksum: 126246 da0e3adca803929ae44fad884949cbe2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 214176 9c4b2684ce790d6544d078efde32f5d3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 132996 1ed627f09d5b25bb3eaaaa4148207d7f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 63428 332d6f0c94eabdca1df666a3ec0c6184\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 57214 f518a8dd4336c3916bb8c533bd8b6301\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 624898 27ed5f1406b97c3a429ed6cc41a5421a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 99652 0e49258823390960faaf06522ab8f1cc\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 376188 ec0fdc218fbe9c53fa5aaec87667b5a7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 82370 3a26a1e22c24add8b16498a641444a77\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 180336 34967e4eb80a75b18a23a9f3bf05bb5f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb\n Size/MD5 checksum: 121318 883136f99bce1a8f9f413dc3d68f5762\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 576786 3c142ce93bd9b408ea9a6d6046e3d067\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 58950 91be8dfc1160f334f0ed514eaeddb3c4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 53520 89ceeef920ad596b129365a1f6876818\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 73596 cca4a24557097c3be9dc611d686d0688\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 93348 0a954f5b7f637eeaea3b656699314b99\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 114068 e7a1986874465f458987516f27a705d1\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 157712 2c8a0b75fc4982ee9265d2dd8cab2cc4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 126780 d6faa238b06d1ff65c6b20b54c7b4fac\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 194584 39322280b333988d5cce973c7c00cdad\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb\n Size/MD5 checksum: 330436 27d8b24e5a2bbb57d8078c7b1d391d53\n\nDebian 4.0 (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc\n Size/MD5 checksum: 876 e8f30ac6b710091985a2b669632ca174\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz\n Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz\n Size/MD5 checksum: 1590551 c7d7bfb6aa34876ec8b5d0767ed65c2d\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb\n Size/MD5 checksum: 1806352 0e3b03d93b1a62a41f9d004d3f6a69eb\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 76136 61c8f8b99cd2c5e08fe20121d5a33119\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 461032 12fe64d352941f674f01b875532ec91f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 91648 ee8cf04beb8687f4afc0684fbed232e9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 1087614 dc627be2679028513f541ab0db184758\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 245650 57d128cab47e74d75ad56da8b81866fe\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 154868 4cac528d66a64df26a385bb15552061c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 136110 a0d904994baba8064c640014e238020c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 216328 7e96a8117e5397282f9027dc99fee308\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 89690 a14489d539fc5274175e92b8c1f99cc4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 65866 c153e17e3514e566d1b719bd4941c3f2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb\n Size/MD5 checksum: 1017046 543b2403aee468ad0a1692708de9a587\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 83852 4e7e51683f130dfdbaaaa2b6bbdfd70b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 61474 5ed45d3180ad5cda0839f53d8d9fc716\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 768634 4f227f866f481d0a11a90b1a41d14bbb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 141926 5944b339ff70c630a2d04026dc8a436c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 68170 d5b5cc9a99c26889dcf685f88cc92a9a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 129822 8f01b6b85827382fcb2ac54b561a1ec0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 222262 b16ea5bddeb302c73844a465d5b27020\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 1072208 5458abcef1aa9174a703a51d9910bf42\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 190378 b663d232374d5d8ea6a1aeb6596e1e66\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 426424 39665f5600ac062e43d78823f79016a6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb\n Size/MD5 checksum: 86108 786e35f5915b137445eb034ef1f53eee\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 1013602 3087dae461053141fd9099ba1bf1f520\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 63418 6d76005bc5336972fff07aa9961bcbca\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 682712 20f548e7e7fe59ffc450c46c58b73fd1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 136110 b1774fea7cea371790dc1d7b9a293395\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 173154 785af0fd07d78658edb4a4c25082ca22\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 59834 e369f2b68c8090e91191718d207da76d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 206238 c69f58637e68a2d455750e32b5b770c0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 390054 b972d264ad97b69120ee4e4d898f3055\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 81426 82979ab1f34edf407dc1a32f4be2a911\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 123540 f9534a82bfa054018029c9a3934fc121\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb\n Size/MD5 checksum: 78826 62163e751d27902012a16758fbbf67e0\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 1050680 8ea8f26032837464c794e615623ac59e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 87564 ec92090e89dc2c03500c52cbd188e4c3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 441724 6cc26ce6c3e4fa233222786b15bc08ac\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 64206 fa4e68946117f10d2dbbcea75fabe5d0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 132802 23e6e453b5943c8df76fd87a18fe2182\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 85370 9011819683422a091d363e0d0064e82e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 815220 652f24a16193c3d8bf9f128000888850\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 145028 88cb8fd42c037cca495bb200a8d5bacd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 69692 0ce8e82456cc62420ba31f7ce0aa3a39\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 201216 b7aa6c970117a632b2e60d14829ba7b7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb\n Size/MD5 checksum: 232082 7a823371e31f4b3e937a4e9d7a83d09b\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 80306 8c8461beb8bd866080134bf1a25ef557\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 62446 22a83f7567df841b9f34ffc133534a64\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 133360 5e72e490c20ac03f49b7fd6921047048\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 680166 991c24aa3b8e2d82f07e49865d70119b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 408376 f375a2157e2b1de2eadecbb2f03c8637\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 174112 f9efe4ee2c52dba6806f548d778e0f53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 58050 b99734e1b92043a8cc816c588b04fce5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 196558 0b03b5d3920efa1c5efbf8cbe3901f15\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 124206 21cc6d63e1eeaeb9deb70e227d61d84b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 1037936 a1a2470171c5403563ed285be9caaa9a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb\n Size/MD5 checksum: 78598 80b9f57c39a90e17b67480271ec8cc2a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 305920 940370e13598d9c00b123f97aa3f09ad\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 164602 6dd81cf1a5487ad63e2ab3cf1ce342f1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 112994 4ccb79847d301064e5e6496f2577b5e5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 80324 88cc01f93ed8fe3b9c9861176050f004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 105592 8745ddb42d7cb7afb95ef4f946a26c60\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 1088562 0d2cdc97965b7827a78bca972aed38fd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 91338 40c9d44d05f3262c1a5d6950c4255e16\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 269600 4acf36a3831bd4d2bb0af4d9130d0f27\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 1043576 6e487c186d462bc98b8ccdfbb5891324\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 190500 4cc37a9cd6bb13da4ca73f87b60738d3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb\n Size/MD5 checksum: 592208 ac3bd63fc244d99757d33c8b8fa8f745\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 71184 99f78076e71ddc74b7809de695945048\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 128534 d08156f659ccfaa953e612ab0f1be1e0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 86416 a0ccc69288f43974099646a0b4df2702\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 807408 caa736a161edf63d4b7b0200642293cc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 81794 820abd7cda885cfbcd651eeb819b6ea2\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 176908 eb82211002e6f5fa451b8c6fc72cd8c5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 230468 6498dab212c73d4c618a77b105d40302\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 389766 cb2be7e8aa8890f3011c7721474048cb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 145004 1d8436cb03bf8df56127ab37a1787096\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 62920 610d234fcd0e209b0d2e6c0f3be39f6b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb\n Size/MD5 checksum: 1112710 5b98f43fa267c04b32bc96927ad868a2\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 87478 dce62567d27548de56ad38615fd5a8fe\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 71596 8cfffdf23386228753133a6d675a75dc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 131106 22011c6b9dfeaf6318baffbb40b4b005\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 63834 9a2e78369d8fa1d0d8688eb48e443518\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 810348 c36eb2099ac9fd31e57d5693ec8eb92b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 82652 3699856d5fe3d28c74e0e66469d05859\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 1087382 a5cac22f1da48cbb4c80f7f736b70b2f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 179494 4a1d3e8cc558c330b9f4a6bded87913b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 145716 1f45bb37dd7e13ea4c6b21f52c43c657\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 232788 88bc4c67b09b541769a7a00abc5d2688\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb\n Size/MD5 checksum: 391848 05272bb8eb78e5e3fa374c9cb6597403\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 222776 d87408739c95de5b207a88550278a0d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 1083104 a5a89067cd381199a75e9751be977884\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 143844 488e4411a9d507c14961e8c1a867a18b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 84364 fd1d52f855615c98fc8d207dcea36d2f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 137308 16ac4ae9b3a4eec6e584d4b9902771ed\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 399370 2c4951062f1fa124af1a36a8b0c1e761\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 86864 33e72918f1ae2f968537d4e3328237b8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 67384 3547b618672d7e775018128fa421551d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 753506 cdc2c41be06d280160c3f7ee8b7f3417\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 61930 dad1ac368a357004137a4beaf0a4f8ba\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb\n Size/MD5 checksum: 179574 499b4b287b5726f7a8afea620d5606c5\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 63392 7e446e33886543cc1432026dbde49ea8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 87886 02735411cb4acaa71b8aa72bf7d9683d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 438990 5aacff7c6ec54f708cb98fa0718bfcc0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 129266 31c153db1328ee93b97e64bdb01a3cc3\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 195506 d3175c75393ac80363919b170e1446e0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 1073530 ac4c767b43f20d304e9683ebfddf3a68\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 224438 5a59744997773137c0409af842e7fdf0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 68782 57ed0962a4cf4f2f7c7d60edf52449ed\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 140470 8fd23a0ec4c4b5c81c48d7b0228a5fa8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 82118 7a84a0ceeb5110380a231be90d6f36ce\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb\n Size/MD5 checksum: 733368 6a3ea5e404cebc11888aaad6fdc2cedd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 131724 561314d157da780fc7de7c06524e8a3c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 77124 6de298978f0404514a0b16d863efa276\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 961534 754258b22c1eaf83c3167775c3138a58\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 372674 20c48448253a262988a3ca876cfb2931\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 123040 00e2f8c76353547804f9ff516de1f65d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 680434 6bf7c8d82d481a8d6d9d784f5ed617ec\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 58242 f7e89e959e30e2bd36ac3ce1191a7711\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 63800 21beab0b247e7bdeea2004876f388c59\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 166710 b5127d835935bee8ce49a1154e5fa2eb\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 200282 49524ee10fb4d4e7be223a1f25dffba7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_sparc.deb\n Size/MD5 checksum: 78204 2462352e5493e856bd8a784ca49f95f0\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n \n A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4\n protocol packets. \n \n This issue only affects krb5kdc when it has Kerberos v4 protocol\n compatibility enabled, which is a compiled-in default in all\n Kerberos versions that Mandriva Linux ships prior to Mandriva\n Linux 2008.0. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 64c3f5c31177dcacc99b021ec6ed1271 2007.1/i586/ftp-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 11b4194bc9edba8c0951e44660ba9955 2007.1/i586/ftp-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 23794e6e0cb1d46a329c42a04f672c5f 2007.1/i586/krb5-server-1.5.2-6.6mdv2007.1.i586.rpm\n 0fbb29bd81c8452d937d30fbbda62242 2007.1/i586/krb5-workstation-1.5.2-6.6mdv2007.1.i586.rpm\n 8f4eea60bf4ea3bfc776f1c117ceb26d 2007.1/i586/libkrb53-1.5.2-6.6mdv2007.1.i586.rpm\n fd5b1da0a056d995011d2b1a692e4292 2007.1/i586/libkrb53-devel-1.5.2-6.6mdv2007.1.i586.rpm\n ca79ccbe3f286b9069f0ae028d9816f7 2007.1/i586/telnet-client-krb5-1.5.2-6.6mdv2007.1.i586.rpm\n 8a7c84f1fe1bbb5338723f28d12a9f21 2007.1/i586/telnet-server-krb5-1.5.2-6.6mdv2007.1.i586.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n fc02060b7c1da08c33952e6c14fb5627 2007.1/x86_64/ftp-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 513fca34bdd1f2a5643a8e6adeb62e0e 2007.1/x86_64/ftp-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4f42d639753a885212e6d62bfe84a121 2007.1/x86_64/krb5-server-1.5.2-6.6mdv2007.1.x86_64.rpm\n 6b2ca028321fb08199be20a4aedef4a0 2007.1/x86_64/krb5-workstation-1.5.2-6.6mdv2007.1.x86_64.rpm\n 4d453dc2a579e74e29dfc052197fedc1 2007.1/x86_64/lib64krb53-1.5.2-6.6mdv2007.1.x86_64.rpm\n b22d9f1b515df1a5270d2d4c373b7dd3 2007.1/x86_64/lib64krb53-devel-1.5.2-6.6mdv2007.1.x86_64.rpm\n 21b245649de9e38e43782bd1a18922a7 2007.1/x86_64/telnet-client-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm\n 1322374ab1c15b5c1392ee4ae5f915e7 2007.1/x86_64/telnet-server-krb5-1.5.2-6.6mdv2007.1.x86_64.rpm \n 22830790ad7715479b7d4fbecc6c1e7f 2007.1/SRPMS/krb5-1.5.2-6.6mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 3ee5a309927b830bf8559a872161384b 2008.0/i586/ftp-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 1835baa43ab27aac2493dc7821bafa8a 2008.0/i586/ftp-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 5e8369c201ac4678a7bc46590107e45f 2008.0/i586/krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 94277e76faf2b75553c2e6250e428a43 2008.0/i586/krb5-server-1.6.2-7.1mdv2008.0.i586.rpm\n 695d5b85347b906401433fa55177be1a 2008.0/i586/krb5-workstation-1.6.2-7.1mdv2008.0.i586.rpm\n 4696cbae0ce644c265b74ff4ce59a865 2008.0/i586/libkrb53-1.6.2-7.1mdv2008.0.i586.rpm\n cc8122a1c6a3449fc41d3022bbdffeb2 2008.0/i586/libkrb53-devel-1.6.2-7.1mdv2008.0.i586.rpm\n d5e75835b35e81a3f7d038e501dabd1c 2008.0/i586/telnet-client-krb5-1.6.2-7.1mdv2008.0.i586.rpm\n 072b5ba782fbd1659ed8bde15bd11b5a 2008.0/i586/telnet-server-krb5-1.6.2-7.1mdv2008.0.i586.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 7a8c1c390b1d1a0b2a8fe28e8fb6a458 2008.0/x86_64/ftp-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 9b312bd49bd858d00d00ec299866a275 2008.0/x86_64/ftp-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 19f7d0590227c4cc636ee5528db8027a 2008.0/x86_64/krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n 6a84bc19cb8e32f7331ce4c1ed36dc9d 2008.0/x86_64/krb5-server-1.6.2-7.1mdv2008.0.x86_64.rpm\n dabaf97b9b36316dc2b69e9edc953793 2008.0/x86_64/krb5-workstation-1.6.2-7.1mdv2008.0.x86_64.rpm\n 2810bbed78b7480ff48b021a798cb5a1 2008.0/x86_64/lib64krb53-1.6.2-7.1mdv2008.0.x86_64.rpm\n 734b018e6b05204767d07a7d53ef2c3c 2008.0/x86_64/lib64krb53-devel-1.6.2-7.1mdv2008.0.x86_64.rpm\n 787fb5ea70eff84b91eea5d68c1e956d 2008.0/x86_64/telnet-client-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm\n d6224c005bc7c818c117e3fc61643840 2008.0/x86_64/telnet-server-krb5-1.6.2-7.1mdv2008.0.x86_64.rpm \n cfd133fde8cc72b038ea61dc94405701 2008.0/SRPMS/krb5-1.6.2-7.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: krb5\n Announcement ID: SUSE-SA:2008:016\n Date: Wed, 19 Mar 2008 10:00:00 +0000\n Affected Products: SUSE LINUX 10.1\n openSUSE 10.2\n openSUSE 10.3\n SUSE Linux Enterprise Desktop 10 SP1\n SLE SDK 10 SP1\n SUSE Linux Enterprise Server 10 SP1\n Vulnerability Type: remote code execution\n Severity (1-10): 7\n SUSE Default Package: no\n Cross-References: CVE-2008-0062\n CVE-2008-0063\n CVE-2008-0947\n CVE-2008-0948\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n The krb5 package is the implementation of the Kerberos protocol suite\n from MIT. \n This update fixes three vulnerabilities, two of them are only possible if\n krb4 support is enabled:\n - CVE-2008-0062: null/dangling pointer (krb4) \n - CVE-2008-0063: operations on uninitialized buffer content,\n possible information leak (krb4) \n - CVE-2008-0947/8: out-of-bound array\n access in kadmind's RPC lib\n\n2) Solution or Work-Around\n\n Please install the new packages. \n\n3) Special Instructions and Notes\n\n Please restart the kerberos services. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n Online Update (YOU) tool. YOU detects which updates are required and\n automatically performs the necessary steps to verify and install them. \n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv <file.rpm>\n\n to apply the update, replacing <file.rpm> with the filename of the\n downloaded RPM package. \n\n \n x86 Platform:\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-1.6.2-22.4.i586.rpm\n 53f6c9b454e27c47ec4cb32679757c48\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-clients-1.6.2-22.4.i586.rpm\n 66ee0e785595b000842c5cd2c9162c55\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-servers-1.6.2-22.4.i586.rpm\n f3fba89b56860b8f46691c69bba8b3c7\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-client-1.6.2-22.4.i586.rpm\n 193a8298aa8bb866e19e0c48f23e523e\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-devel-1.6.2-22.4.i586.rpm\n a9b01b5c846e02c588664cddcae4c5c6\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-server-1.6.2-22.4.i586.rpm\n ff536136c01b5f900aebe6fdc1ec62e6\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-1.5.1-23.14.i586.rpm\n 5764e87b834c6a5b8a467fa6aa8ec40e\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-clients-1.5.1-23.14.i586.rpm\n 94db70009c4c6e099a9807584c701686\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-servers-1.5.1-23.14.i586.rpm\n 5881c8be92dc3eb215a1e837b6468922\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-client-1.5.1-23.14.i586.rpm\n c45980b430614c2371dd1ad4f8d21a34\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-devel-1.5.1-23.14.i586.rpm\n 1c6a45d60e5eabffedc2c1e3e755ac73\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-server-1.5.1-23.14.i586.rpm\n 03793b23aced1c01d9e2817648d7c777\n \n SUSE LINUX 10.1:\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-1.4.3-19.30.6.i586.rpm\n 51d1c53aaf25a36dd1e2e74662cbabd9\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-clients-1.4.3-19.30.6.i586.rpm\n 6b4d89a932988685993dba1e87aea95f\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-servers-1.4.3-19.30.6.i586.rpm\n c7ff44ef5a8453d5223da71d670fdea4\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-client-1.4.3-19.30.6.i586.rpm\n bc0456ed7708ee3ffdc2501e849e9dbe\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-devel-1.4.3-19.30.6.i586.rpm\n 9942cbbfd032ea80d8a20daa34ce5374\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-server-1.4.3-19.30.6.i586.rpm\n d4596d47caafa6ea4ee4b4f4e218f831\n \n Power PC Platform:\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-1.6.2-22.4.ppc.rpm\n f0d1399edebb3e1d715d84568065130a\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-clients-1.6.2-22.4.ppc.rpm\n 8e444214994c1e7297b5332d96967ec0\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-servers-1.6.2-22.4.ppc.rpm\n 2eecfe960c969bf3a3dcce2fcab010f0\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-client-1.6.2-22.4.ppc.rpm\n 8052a7d7a942545a46fa5e962c562ab8\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-devel-1.6.2-22.4.ppc.rpm\n 6a118f48123ebfc23715bf797bf8b7d0\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-server-1.6.2-22.4.ppc.rpm\n fd8f73d6d8757d9ce3dea43997b56b0c\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-1.5.1-23.14.ppc.rpm\n 04289bb24041d226f27eb92025b25463\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-clients-1.5.1-23.14.ppc.rpm\n 731ea1ef473c0d1c8990a8045a9fe587\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-servers-1.5.1-23.14.ppc.rpm\n f911f86a0d2e8c9da16930525bd8b163\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-client-1.5.1-23.14.ppc.rpm\n a4c560015bbaddcbc88603e1e194146e\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-devel-1.5.1-23.14.ppc.rpm\n 64d0f163ebff972f2e70c6cc4d760555\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-server-1.5.1-23.14.ppc.rpm\n 8b06dc5e5ac5b3fa410559017403378a\n \n SUSE LINUX 10.1:\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-1.4.3-19.30.6.ppc.rpm\n ae1652f3ea622c5c91b0fd1d47b066ef\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-clients-1.4.3-19.30.6.ppc.rpm\n a389841f387e37732c80d9d5095f9ae6\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-servers-1.4.3-19.30.6.ppc.rpm\n cb6b4e402570e45767c5ae7a5c26e34c\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-client-1.4.3-19.30.6.ppc.rpm\n 3a2c13bc932e84f7a451f3a2c77c99f0\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-devel-1.4.3-19.30.6.ppc.rpm\n b34f9511e269e0dfc2896ac88cf41cce\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-server-1.4.3-19.30.6.ppc.rpm\n 0263cbb8f0f41e50dacfed082eca0835\n \n x86-64 Platform:\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-1.6.2-22.4.x86_64.rpm\n 6df39c9ddfb04cd4889b5f4bb271213a\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-32bit-1.6.2-22.4.x86_64.rpm\n 77ba221640964cc90ad8e0010ad5c07e\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-clients-1.6.2-22.4.x86_64.rpm\n fccb50e18045baa2c78165f20eb13eec\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-servers-1.6.2-22.4.x86_64.rpm\n 3bfd6270a31f2a6a35728bcd274ae327\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-client-1.6.2-22.4.x86_64.rpm\n 53b3634e9e92255b62a932ed6d30742d\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel-1.6.2-22.4.x86_64.rpm\n 54071b2e12004117b0599f53c4a6027b\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel-32bit-1.6.2-22.4.x86_64.rpm\n 07069062d1e7b140c6774cc2aaa821d5\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-server-1.6.2-22.4.x86_64.rpm\n b07d395220662db193b6f54753931ccc\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-1.5.1-23.14.x86_64.rpm\n 3f2d8918cf5da2cab839bf2c72af1495\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-32bit-1.5.1-23.14.x86_64.rpm\n 4348a17ec69b6c64c69e11f74fa88a08\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-clients-1.5.1-23.14.x86_64.rpm\n 433ffcced3ede0163628854ae3296baf\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-servers-1.5.1-23.14.x86_64.rpm\n c24ab880f1314c1d25f3e9561b204c10\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-client-1.5.1-23.14.x86_64.rpm\n 6022c2534c50718a2a4fd18fde346daf\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-1.5.1-23.14.x86_64.rpm\n d82a0204e6e0f5e9d6bcd8f60aa4fbde\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-32bit-1.5.1-23.14.x86_64.rpm\n 17dc2896ebc7f252e39fc8e23a41abc1\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-server-1.5.1-23.14.x86_64.rpm\n 45596c22ec6d0c1eebf42f683e4e0cd4\n \n SUSE LINUX 10.1:\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-1.4.3-19.30.6.x86_64.rpm\n 684c7d1363494a7854afd3755bdb2a20\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-32bit-1.4.3-19.30.6.x86_64.rpm\n b8552a99f0785f1eee434f6d7293731a\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-clients-1.4.3-19.30.6.x86_64.rpm\n 060fac873ba1bc13e4b5b813ae6a6cd2\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-servers-1.4.3-19.30.6.x86_64.rpm\n 28235a5328a8a982e2a1784793a17863\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-client-1.4.3-19.30.6.x86_64.rpm\n 056f5e479561d2b831e3dd969261f8de\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-1.4.3-19.30.6.x86_64.rpm\n d81c85af0ca1812c273bbd1c6ddf3cb1\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-32bit-1.4.3-19.30.6.x86_64.rpm\n d17b2d40649a83e28afd6a7a3dec96d6\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-server-1.4.3-19.30.6.x86_64.rpm\n dd8096c153fb51bdd67352cbe8a51953\n \n Sources:\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/krb5-1.6.2-22.4.src.rpm\n 6ead1c530f58e6255b1c9ba1b78eb3ae\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/krb5-1.5.1-23.14.src.rpm\n add4417c6743a6dd26f35182e85ee956\n \n SUSE LINUX 10.1:\n ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/krb5-1.4.3-19.30.6.src.rpm\n 2185d5b60fe733640f16a3a561ec6888\n \n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Server 10 SP1\n http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html\n \n SLE SDK 10 SP1\n http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html\n \n SUSE Linux Enterprise Desktop 10 SP1\n http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n Please read our weekly security report. \n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify <file>\n\n replacing <file> with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made <DATE> using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team <security@suse.de>\"\n\n where <DATE> is replaced by the date the document was signed. \n\n If the security team's key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n There are two verification methods that can be used independently from\n each other to prove the authenticity of a downloaded file or RPM package:\n\n 1) Using the internal gpg signatures of the rpm package\n 2) MD5 checksums as provided in this announcement\n\n 1) The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig <file.rpm>\n\n to verify the signature of the package, replacing <file.rpm> with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of 'root' during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n 2) If you need an alternative means of verification, use the md5sum\n command to verify the authenticity of the packages. Execute the command\n\n md5sum <filename.rpm>\n\n after you downloaded the file from a SUSE FTP server or its mirrors. \n Then compare the resulting md5sum with the one that is listed in the\n SUSE security announcement. Because the announcement containing the\n checksums is cryptographically signed (by security@suse.de), the\n checksums show proof of the authenticity of the package if the\n signature of the announcement is valid. Note that the md5 sums\n published in the SUSE Security Announcements are valid for the\n respective packages only. Newer versions of these packages cannot be\n verified. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n <opensuse-security+subscribe@opensuse.org>. \n\n opensuse-security-announce@opensuse.org\n - SUSE's announce-only mailing list. \n Only SUSE's security announcements are sent to this list. \n To subscribe, send an e-mail to\n <opensuse-security-announce+subscribe@opensuse.org>. \n\n =====================================================================\n SUSE's security contact is <security@suse.com> or <security@suse.de>. \n The <security@suse.de> public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0009\nSynopsis: Updates to VMware Workstation, VMware Player,\n VMware ACE, VMware Fusion, VMware Server, VMware\n VIX API, VMware ESX, VMware ESXi resolve critical\n security issues\nIssue date: 2008-06-04\nUpdated on: 2008-06-04 (initial release of advisory)\nCVE numbers: CVE-2007-5671 CVE-2008-0967 CVE-2008-2097\n CVE-2008-2100 CVE-2006-1721 CVE-2008-0553\n CVE-2007-5378 CVE-2007-4772 CVE-2008-0888\n CVE-2008-0062 CVE-2008-0063 CVE-2008-0948\n- -------------------------------------------------------------------\n\n1. Summary:\n\n Several critical security vulnerabilities have been addressed\n in patches in ESX and in the newest releases of VMware's hosted\n product line. \n\n2. Relevant releases:\n\n VMware Workstation 6.0.3 and earlier,\n VMware Workstation 5.5.6 and earlier,\n VMware Player 2.0.3 and earlier,\n VMware Player 1.0.6 and earlier,\n VMware ACE 2.0.3 and earlier,\n VMware ACE 1.0.5 and earlier,\n VMware Server 1.0.5 and earlier,\n VMware Fusion 1.1.1 and earlier\n\n VMware ESXi 3.5 without patches ESXe350-200805501-I-SG,\n ESXe350-200805502-T-SG,\n ESXe350-200805503-C-SG\n\n VMware ESX 3.5 without patches ESX350-200805515-SG, ESX350-200805508-SG,\n ESX350-200805501-BG, ESX350-200805504-SG,\n ESX350-200805506-SG, ESX350-200805505-SG,\n ESX350-200805507-SG\n\n VMware ESX 3.0.2 without patches ESX-1004727, ESX-1004821, ESX-1004216,\n ESX-1004726, ESX-1004722, ESX-1004724,\n ESX-1004719, ESX-1004219\n\n VMware ESX 3.0.1 without patches ESX-1004186, ESX-1004728, ESX-1004725,\n ESX-1004721, ESX-1004723, ESX-1004190,\n ESX-1004189\n\n VMware ESX 2.5.5 without update patch 8\n VMware ESX 2.5.4 without update patch 19\n\nNOTES: Hosted products VMware Workstation 5.x, VMware Player 1.x,\n and VMware ACE 1.x will reach end of general support\n 2008-11-09. Customers should plan to upgrade to the latest\n version of their respective products. \n\n ESX 3.0.1 is in Extended Support and its end of extended\n support (Security and Bug fixes) is 2008-07-31. Users should plan\n to upgrade to at least 3.0.2 update 1 and preferably the newest\n release available before the end of extended support. \n\n ESX 2.5.4 is in Extended Support and its end of extended support\n (Security and Bug fixes) is 2008-10-08. Users should plan to upgrade\n to at least 2.5.5 and preferably the newest release available before\n the end of extended support. \n\n3. Problem description:\n\n a. VMware Tools Local Privilege Escalation on Windows-based guest OS\n\n The VMware Tools Package provides support required for shared folders\n (HGFS) and other features. \n\n An input validation error is present in the Windows-based VMware\n HGFS.sys driver. Exploitation of this flaw might result in\n arbitrary code execution on the guest system by an unprivileged\n guest user. It doesn't matter on what host the Windows guest OS\n is running, as this is a guest driver vulnerability and not a\n vulnerability on the host. \n\n The HGFS.sys driver is present in the guest operating system if the\n VMware Tools package is loaded. Even if the host has HGFS disabled\n and has no shared folders, Windows-based guests may be affected. This\n is regardless if a host supports HGFS. \n\n This issue could be mitigated by removing the VMware Tools package\n from Windows based guests. However this is not recommended as it\n would impact usability of the product. \n\n NOTE: Installing the new hosted release or ESX patches will not\n remediate the issue. The VMware Tools packages will need\n to be updated on each Windows-based guest followed by a\n reboot of the guest system. \n\n VMware would like to thank iDefense and Stephen Fewer of Harmony\n Security for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2007-5671 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n Workstation 6.x Windows not affected\n Workstation 6.x Linux not affected\n Workstation 5.x Windows 5.5.6 build 80404 or later\n Workstation 5.x Linux 5.5.6 build 80404 or later\n\n Player 2.x Windows not affected\n Player 2.x Linux not affected\n Player 1.x Windows 1.0.6 build 80404 or later\n Player 1.x Linux 1.0.6 build 80404 or later\n\n ACE 2.x Windows not affected\n ACE 1.x Windows 1.0.5 build 79846 or later\n\n Server 1.x Windows 1.0.5 build 80187 or later\n Server 1.x Linux 1.0.5 build 80187 or later\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX not affected\n ESX 3.0.2 ESX ESX-1004727\n ESX 3.0.1 ESX ESX-1004186\n ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 5 or later\n ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 16 or later\n\n\n b. Privilege escalation on ESX or Linux based hosted operating systems\n\n This update fixes a security issue related to local exploitation of\n an untrusted library path vulnerability in vmware-authd. In order to\n exploit this vulnerability, an attacker must have local access and\n the ability to execute the set-uid vmware-authd binary on an affected\n system. Exploitation of this flaw might result in arbitrary code\n execution on the Linux host system by an unprivileged user. \n\n VMware would like to thank iDefense for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0967 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n Workstation 6.x Windows not affected\n Workstation 6.x Linux 6.0.4 build 93057\n Workstation 5.x Windows not affected\n Workstation 5.x Linux 5.5.7 build 91707\n\n Player 2.x Windows not affected\n Player 2.x Linux 2.0.4 build 93057\n Player 1.x Windows not affected\n Player 1.x Linux 1.0.7 build 91707\n\n ACE 2.x Windows not affected\n ACE 1.x Windows not affected\n\n Server 1.x Windows not affected\n Server 1.x Linux 1.0.6 build 91891\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi ESXe350-200805501-I-SG\n\n ESX 3.5 ESX ESX350-200805515-SG\n ESX 3.0.2 ESX ESX-1004821\n ESX 3.0.1 ESX ESX-1004728\n ESX 2.5.5 ESX ESX 2.5.5 update patch 8\n ESX 2.5.4 ESX ESX 2.5.4 update patch 19\n\n c. Openwsman Invalid Content-Length Vulnerability\n\n Openwsman is a system management platform that implements the Web\n Services Management protocol (WS-Management). It is installed and\n running by default. It is used in the VMware Management Service\n Console and in ESXi. \n\n The openwsman management service on ESX 3.5 and ESXi 3.5 is vulnerable\n to a privilege escalation vulnerability, which may allow users with\n non-privileged ESX or Virtual Center accounts to gain root privileges. \n\n To exploit this vulnerability, an attacker would need a local ESX\n account or a VirtualCenter account with the Host.Cim.CimInteraction\n permission. \n\n Systems with no local ESX accounts and no VirtualCenter accounts with\n the Host.Cim.CimInteraction permission are not vulnerable. \n\n This vulnerability cannot be exploited by users without valid login\n credentials. \n\n Discovery: Alexander Sotirov, VMware Security Research\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-2097 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi ESXe350-200805501-I-SG\n\n ESX 3.5 ESX ESX350-200805508-SG\n ESX 3.0.2 ESX not affected\n ESX 3.0.1 ESX not affected\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n NOTE: VMware hosted products are not affected by this issue. \n\n d. VMware VIX Application Programming Interface (API) Memory Overflow\nVulnerabilities\n\n The VIX API (also known as \"Vix\") is an API that lets users write scripts\n and programs to manipulate virtual machines. \n\n Multiple buffer overflow vulnerabilities are present in the VIX API. \n Exploitation of these vulnerabilities might result in code execution on\n the host system or on the service console in ESX Server from the guest\n operating system. \n\n The VIX API can be enabled and disabled using the \"vix.inGuest.enable\"\n setting in the VMware configuration file. This default value for this\n setting is \"disabled\". This configuration setting is present in the\n following products:\n VMware Workstation 6.0.2 and higher\n VMware ACE 6.0.2 and higher\n VMware Server 1.06 and higher\n VMware Fusion 1.1.2 and higher\n ESX Server 3.0 and higher\n ESX Server 3.5 and higher\n In previous versions of VMware products where the VIX API was introduced,\n the VIX API couldn't be disabled. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-2100 to this issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n VIX API 1.1.x Windows VMware-vix-1.1.4-93057.exe\n VIX API 1.1.x Linux VMware-vix-1.1.4-93057.i386.tar.gz\n VIX API 1.1.x Linux64 VMware-vix-1.1.4-93057.x86_64.tar.gz\n\n Workstation 6.x Windows 6.0.4 build 93057\n Workstation 6.x Linux 6.0.4 build 93057\n Workstation 5.x Windows 5.5.7 build 91707\n Workstation 5.x Linux 5.5.7 build 91707\n\n Player 2.x Windows 2.0.4 build 93057\n Player 2.x Linux 2.0.4 build 93057\n Player 1.x Windows 1.0.6 build 91707\n Player 1.x Linux 1.0.6 build 91707\n\n ACE 2.x Windows 2.0.4 build 93057\n ACE 1.x Windows not affected\n\n Server 1.x Windows 1.0.6 build 91891\n Server 1.x Linux 1.0.6 build 91891\n\n Fusion 1.x Mac OS/X 1.1.2 build 87978 or later\n\n ESXi 3.5 ESXi ESXe350-200805501-I-SG,\n ESXe350-200805502-T-SG\n\n ESX 3.5 ESX ESX350-200805501-BG\n ESX 3.0.2 ESX ESX-1004216, ESX-1004726, ESX-1004727\n ESX 3.0.1 ESX ESX-1004186, ESX-1004725\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n\nII Service Console rpm updates\n\n NOTE: ESXi and hosted products are not affected by any service console\n security updates\n\n a. Security update for cyrus-sasl\n\n Updated cyrus-sasl package for the ESX Service Console corrects a security\n issue found in the DIGEST-MD5 authentication mechanism of Cyrus'\n implementation of Simple Authentication and Security Layer (SASL). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2006-1721 to this issue. \n\n RPMs Updated:\n cyrus-sasl-2.1.15-15.i386.rpm\n cyrus-sasl-md5-2.1.15-1.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805504-SG\n ESX 3.0.2 ESX ESX-1004722\n ESX 3.0.1 ESX ESX-1004721\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n b. Security update for tcltk\n\n An input validation flaw was discovered in Tk's GIF image handling. A\n code-size value read from a GIF image was not properly validated before\n being used, leading to a buffer overflow. A specially crafted GIF file\n could use this to cause a crash or, potentially, execute code with the\n privileges of the application using the Tk graphical toolkit. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2008-0553 to this issue. \n\n A buffer overflow flaw was discovered in Tk's animated GIF image handling. \n An animated GIF containing an initial image smaller than subsequent images\n could cause a crash or, potentially, execute code with the privileges of\n the application using the Tk library. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2007-5378 to this issue. \n\n A flaw first discovered in the Tcl regular expression engine used in the\n PostgreSQL database server, resulted in an infinite loop when processing\n certain regular expressions. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2007-4772 to this issue. \n\n RPM Updated:\n tcl-8.3.5-92.8.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805506-SG\n ESX 3.0.2 ESX ESX-1004724\n ESX 3.0.1 ESX ESX-1004723\n ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8\n ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19\n\n c. Security update for unzip\n\n This patch includes a moderate security update to the service console that\n fixes a flaw in unzip. An attacker could execute malicious code with a\n user's privileges if the user ran unzip on a file designed to leverage\n this flaw. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2008-0888 to this issue. \n\n RPM Updated:\n Unzip-5.50-36.EL3.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805505-SG\n ESX 3.0.2 ESX ESX-1004719\n ESX 3.0.1 ESX ESX-1004190\n ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8\n ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19\n\n d. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0062 to this issue. \n\n NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable\n to this issue. \n\n NOTE: ESX doesn't contain the krb5kdc binary and is not vulnerable\n to this issue. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0948 to this issue. \n\n RPM Updated:\n krb5-libs-1.2.7-68.i386.rpm\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============ ======== ======= =================\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200805507-SG\n ESX 3.0.2 ESX ESX-1004219\n ESX 3.0.1 ESX ESX-1004189\n ESX 2.5.5 ESX ESX 2.5.5 Upgrade Patch 8\n ESX 2.5.4 ESX ESX 2.5.4 Upgrade Patch 19\n\n4. Solution:\n\nPlease review the release notes for your product and version and verify the\nmd5sum of your downloaded file. \n\n VMware Workstation 6.0.4\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n\n Windows binary\n md5sum: f50a05831e94c19d98f363c752fca5f9\n\n RPM Installation file for 32-bit Linux\n md5sum: e7793b14b995d3b505f093c84e849421\n\n tar Installation file for 32-bit Linux\n md5sum: a0a8e1d8188f4be03357872a57a767ab\n\n RPM Installation file for 64-bit Linux\n md5sum: 960d753038a268b8f101f4b853c0257e\n\n tar Installation file for 64-bit Linux\n md5sum: 4697ec8a9d6c1152d785f3b77db9d539\n\n VMware Workstation 5.5.7\n ------------------------\n http://www.vmware.com/download/ws/ws5.html\n Release notes:\n http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n\n Windows binary:\n md5sum: 4c6a6653b7296240197aac048591c659\n\n Compressed Tar archive for 32-bit Linux\n md5sum: 8fc15d72031489cf5cd5d47b966787e6\n\n Linux RPM version for 32-bit Linux\n md5sum: f0872fe447ac654a583af16b2f4bba3f\n\n\n VMware Player 2.0.4 and 1.0.7\n -----------------------------\n http://www.vmware.com/download/player/\n Release notes Player 1.x:\n http://www.vmware.com/support/player/doc/releasenotes_player.html\n Release notes Player 2.0\n http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n\n 2.0.4 Windows binary\n md5sum: a117664a8bfa7336b846117e5fc048dd\n\n VMware Player 2.0.4 for Linux (.rpm)\n md5sum: de6ab6364a0966b68eadda2003561cd2\n\n VMware Player 2.0.4 for Linux (.tar)\n md5sum: 9e1c2bfda6b22a3fc195a86aec11903a\n\n VMware Player 2.0.4 - 64-bit (.rpm)\n md5sum: 997e5ceffe72f9ce9146071144dacafa\n\n VMware Player 2.0.4 - 64-bit (.tar)\n md5sum: 18eb4ee49dd7e33ec155ef69d7d259ef\n\n 1.0.7 Windows binary\n md5sum: 51114b3b433dc1b3bf3e434aebbf2b9c\n\n Player 1.0.7 for Linux (.rpm)\n md5sum: 3b5f97a37df3b984297fa595a5cdba9c\n\n Player 1.0.7 for Linux (.tar)\n md5sum: b755739144944071492a16fa20f86a51\n\n\n VMware ACE\n ----------\n http://www.vmware.com/download/ace/\n Release notes 2.0:\n http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n VMware-workstation-6.0.4-93057.exe\n md5sum: f50a05831e94c19d98f363c752fca5f9\n\n VMware-ACE-Management-Server-Appliance-2.0.4-93057.zip\n md5sum: d2ae2246f3d87268cf84c1421d94e86c\n\n VMware-ACE-Management-Server-2.0.4-93057.exe\n md5sum: 41b31b3392d5da2cef77a7bb28654dbf\n\n VMware-ACE-Management-Server-2.0.4-93057.i386-rhel4.rpm\n md5sum: 9920be4c33773df53a1728b41af4b109\n\n VMware-ACE-Management-Server-2.0.4-93057.i386-sles9.rpm\n md5sum: 4ec4c37203db863e8844460b5e80920b\n\n Release notes 1.x:\n http://www.vmware.com/support/ace/doc/releasenotes_ace.html\n\n VMware-ACE-1.0.6-89199.exe\n md5sum: 110f6e24842a0d154d9ec55ef9225f4f\n\n\n VMware Server 1.0.6\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server/doc/releasenotes_server.html\n\n VMware Server for Windows 32-bit and 64-bit\n md5sum: 3e00d5cfae123d875e4298bddabf12f5\n\n VMware Server Windows client package\n md5sum: 64f3fc1b4520626ae465237d7ec4773e\n\n VMware Server for Linux\n md5sum: 46ea876bfb018edb6602a921f6597245\n\n VMware Server for Linux rpm\n md5sum: 9d2f0af908aba443ef80bec8f7ef3485\n\n Management Interface\n md5sum: 1b3daabbbb49a036fe49f53f812ef64b\n\n VMware Server Linux client package\n md5sum: 185e5b174659f366fcb38b1c4ad8d3c6\n\n\n VMware Fusion 1.1.3\n --------------\n http://www.vmware.com/download/fusion/\n Release notes:\n http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n md5sum: D15A3DFD3E7B11FC37AC684586086D\n\n\n VMware VIX 1.1.4\n ----------------\n http://www.vmware.com/support/developer/vix-api/\n Release notes:\n http://www.vmware.com/support/pubs/vix-api/VIXAPI-1.1.4-Release-Notes.html\n VMware-vix-1.1.4-93057.exe\n md5sum: 2efb74618c7ead627ecb3b3033e3f9f6\n\n VMware-vix-1.1.4-93057.i386.tar.gz\n md5sum: 988df2b2bbc975a6fc11f27ad1519832\n\n VMware-vix-1.1.4-93057.x86_64.tar.gz\n md5sum: a64f951c6fb5b2795a29a5a7607059c0\n\n\n ESXi\n ----\n VMware ESXi 3.5 patch ESXe350-200805501-O-SG (authd, openwsman, VIX)\n http://download3.vmware.com/software/esx/ESXe350-200805501-O-SG.zip\n md5sum: 4ce06985d520e94243db1e0504a56d8c\n http://kb.vmware.com/kb/1005073\n http://kb.vmware.com/kb/1004173\n http://kb.vmware.com/kb/1004172\n\n NOTE: ESXe350-200805501-O-SG contains the following patch bundles:\n ESXe350-200805501-I-SG, ESXe350-200805502-T-SG,\n ESXe350-200805503-C-SG\n\n\n ESX\n ---\n VMware ESX 3.5 patch ESX350-200805515-SG (authd)\n http://download3.vmware.com/software/esx/ESX350-200805515-SG.zip\n md5sum: 324b50ade230bcd5079a76e3636163c5\n http://kb.vmware.com/kb/1004170\n\n VMware ESX 3.5 patch ESX350-200805508-SG (openwsman)\n http://download3.vmware.com/software/esx/ESX350-200805508-SG.zip\n md5sum: 3ff8c06d4a9dd406f64f89c51bf26d12\n http://kb.vmware.com/kb/1004644\n\n VMware ESX 3.5 patch ESX350-200805501-BG (VIX)\n http://download3.vmware.com/software/esx/ESX350-200805501-BG.zip\n md5sum: 31a620aa249c593c30015b5b6f8c8650\n http://kb.vmware.com/kb/1004637\n\n VMware ESX 3.5 patch ESX350-200805504-SG (cyrus-sasl)\n http://download3.vmware.com/software/esx/ESX350-200805504-SG.zip\n md5sum: 4c1b1a8dcb09a636b55c64c290f7de51\n http://kb.vmware.com/kb/1004640\n\n VMware ESX 3.5 patch ESX350-200805506-SG (tcltk)\n http://download3.vmware.com/software/esx/ESX350-200805506-SG.zip\n md5sum: af279eef8fdeddb7808630da1ae717b1\n http://kb.vmware.com/kb/1004642\n\n VMware ESX 3.5 patch ESX350-200805505-SG (unzip)\n http://download3.vmware.com/software/esx/ESX350-200805505-SG.zip\n md5sum: 07af82d9fd97cccb89d9b90c6ecc41c6\n http://kb.vmware.com/kb/1004641\n\n VMware ESX 3.5 patch ESX350-200805507-SG (krb5)\n http://download3.vmware.com/software/esx/ESX350-200805507-SG.zip\n md5sum: 5d35a1c470daf13c9f4df5bdc9438748\n http://kb.vmware.com/kb/1004643\n\n VMware ESX 3.0.2 patch ESX-1004727 (HGFS,VIX)\n http://download3.vmware.com/software/vi/ESX-1004727.tgz\n md5sum: 31a67b0fa3449747887945f8d370f19e\n http://kb.vmware.com/kb/1004727\n\n VMware ESX 3.0.2 patch ESX-1004821 (authd)\n http://download3.vmware.com/software/vi/ESX-1004821.tgz\n md5sum: 5c147bedd07245c903d44257522aeba1\n http://kb.vmware.com/kb/1004821\n\n VMware ESX 3.0.2 patch ESX-1004216 (VIX)\n http://download3.vmware.com/software/vi/ESX-1004216.tgz\n md5sum: 0784ef70420d28a9a5d6113769f6669a\n http://kb.vmware.com/kb/1004216\n\n VMware ESX 3.0.2 patch ESX-1004726 (VIX)\n http://download3.vmware.com/software/vi/ESX-1004726.tgz\n md5sum: 44f03b274867b534cd274ccdf4630b86\n http://kb.vmware.com/kb/1004726\n\n VMware ESX 3.0.2 patch ESX-1004722 (cyrus-sasl)\n http://download3.vmware.com/software/vi/ESX-1004722.tgz\n md5sum: 99dc71aed5bab7711f573b6d322123d6\n http://kb.vmware.com/kb/1004722\n\n VMware ESX 3.0.2 patch ESX-1004724 (tcltk)\n http://download3.vmware.com/software/vi/ESX-1004724.tgz\n md5sum: fd9a160ca7baa5fc443f2adc8120ecf7\n http://kb.vmware.com/kb/1004724\n\n VMware ESX 3.0.2 patch ESX-1004719 (unzip)\n http://download3.vmware.com/software/vi/ESX-1004719.tgz\n md5sum: f0c37b9f6be3399536d60f6c6944de82\n http://kb.vmware.com/kb/1004719\n\n VMware ESX 3.0.2 patch ESX-1004219 (krb5)\n http://download3.vmware.com/software/vi/ESX-1004219.tgz\n md5sum: 7c68279762f407a7a5ee151a650ebfd4\n http://kb.vmware.com/kb/1004219\n\n VMware ESX 3.0.1 patch ESX-1004186 (HGFS,VIX)\n http://download3.vmware.com/software/vi/ESX-1004186.tgz\n md5sum: f64389a8b97718eccefadce1a14d1198\n http://kb.vmware.com/kb/1004186\n\n VMware ESX 3.0.1 patch ESX-1004728 (authd)\n http://download3.vmware.com/software/vi/ESX-1004728.tgz\n md5sum: 1f01bb819805b855ffa2ec1040eff5ca\n http://kb.vmware.com/kb/1004728\n\n VMware ESX 3.0.1 patch ESX-1004725 (VIX)\n http://download3.vmware.com/software/vi/ESX-1004725.tgz\n md5sum: 9fafb04c6d3f6959e623832f539d2dc8\n http://kb.vmware.com/kb/1004725\n\n VMware ESX 3.0.1 patch ESX-1004721 (cyrus-sasl)\n http://download3.vmware.com/software/vi/ESX-1004721.tgz\n md5sum: 48190819b0f5afddefcb8d209d12b585\n http://kb.vmware.com/kb/1004721\n\n VMware ESX 3.0.1 patch ESX-1004723 (tcltk)\n http://download3.vmware.com/software/vi/ESX-1004723.tgz\n md5sum: c34ca0a5886e0c0917a93a97c331fd7d\n http://kb.vmware.com/kb/1004723\n\n VMware ESX 3.0.1 patch ESX-1004190 (unzip)\n http://download3.vmware.com/software/vi/ESX-1004190.tgz\n md5sum: 05187b9f534048c79c62741367cc0dd2\n http://kb.vmware.com/kb/1004190\n\n VMware ESX 3.0.1 patch ESX-1004189 (krb5)\n http://download3.vmware.com/software/vi/ESX-1004189.tgz\n md5sum: 21b620530b99009f469c872e73a439e8\n http://kb.vmware.com/kb/1004189\n\n VMware ESX 2.5.5 Upgrade Patch 8\n http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz\n md5sum: 392b6947fc3600ca0e8e7788cd5bbb6e\n http://vmware.com/support/esx25/doc/esx-255-200805-patch.html\n\n VMware ESX 2.5.4 Upgrade Patch 19\n http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz\n md5sum: 442788fd0bccb0d994c75b268bd12760\n http://vmware.com/support/esx25/doc/esx-254-200805-patch.html\n\n5. References:\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5671\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0967\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2097\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2100\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1721\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948\n\n6. Change log:\n\n2008-06-04 VMSA-2008-0009 Initial release\n\n- -------------------------------------------------------------------\n7. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce@lists.vmware.com\n * bugtraq@securityfocus.com\n * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFIRs08S2KysvBH1xkRCMxFAJ0WJX76quFzCV+avwupq3Lu72UKigCfRftj\nCZvxoXw/sZxDCSDjVzYAhrA=\n=s04s\n-----END PGP SIGNATURE-----\n. \n\nII. \n\nIII. Solution\n\nInstall updates from your vendor\n\n Check with your vendors for patches or updates. For information about\n a vendor, please see the systems affected section in vulnerability\n notes VU#895609 and VU#374121 or contact your vendor directly. \n Administrators who compile MIT Kerberos from source should refer to\n MIT Security Advisory 2008-002 for more information. \n\nIV. References\n\n * US-CERT Vulnerability Note VU#895609 -\n <http://www.kb.cert.org/vuls/id/895609>\n \n * US-CERT Vulnerability Note VU#374121 -\n <http://www.kb.cert.org/vuls/id/374121>\n \n * MIT krb5 Security Advisory 2008-002 -\n <http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt2>\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n <http://www.us-cert.gov/cas/techalerts/TA08-079B.html>\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. \n _________________________________________________________________\n\n Produced 2008 by US-CERT, a government organization. \n\nBackground\n==========\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. kadmind is the MIT Kerberos 5 administration daemon,\nKDC is the Key Distribution Center. \n\n* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the\n RPC library server code, used in the kadmin server, caused when too\n many file descriptors are opened (CVE-2008-0947). \n\n* Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI\n library: usage of a freed variable in the gss_indicate_mechs()\n function (CVE-2007-5901) and a double free() vulnerability in the\n gss_krb5int_make_seal_token_v3() function (CVE-2007-5971). These bugs can only be triggered when Kerberos 4 support is\nenabled. This\nbug can only be triggered in configurations that allow large numbers of\nopen file descriptors in a process. \n\nWorkaround\n==========\n\nKerberos 4 support can be disabled via disabling the \"krb4\" USE flag\nand recompiling the ebuild, or setting \"v4_mode=none\" in the\n[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around\nthe KDC related vulnerabilities. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.6.3-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 3 ] CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n [ 4 ] CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n [ 5 ] CVE-2008-0947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200803-31.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", sources: [ { db: "NVD", id: "CVE-2008-0063", }, { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "VULHUB", id: "VHN-30188", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "64714", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, ], trust: 3.96, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2008-0063", trust: 4.1, }, { db: "SECUNIA", id: "29428", trust: 2.5, }, { db: "BID", id: "28303", trust: 2.5, }, { db: "CERT/CC", id: "VU#895609", trust: 1.7, }, { db: "SECUNIA", id: "29424", trust: 1.7, }, { db: "SECUNIA", id: "29435", trust: 1.7, }, { db: "SECUNIA", id: "29423", trust: 1.7, }, { db: "SECUNIA", id: "29457", trust: 1.7, }, { db: "SECUNIA", id: "29451", trust: 1.7, }, { db: "SECUNIA", id: "29438", trust: 1.7, }, { db: "SECUNIA", id: "29663", trust: 1.7, }, { db: "SECUNIA", id: "29420", trust: 1.7, }, { db: "SECUNIA", id: "30535", trust: 1.7, }, { db: "SECUNIA", id: "29462", trust: 1.7, }, { db: "SECUNIA", id: "29516", trust: 1.7, }, { db: "SECUNIA", id: "29450", trust: 1.7, }, { db: "SECUNIA", id: "29464", trust: 1.7, }, { db: "SECTRACK", id: "1019627", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-0924", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-0922", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-1744", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-1102", trust: 1.7, }, { db: "CERT/CC", id: "VU#374121", trust: 0.9, }, { db: "USCERT", id: "TA08-079B", trust: 0.9, }, { db: "USCERT", id: "TA08-079A", trust: 0.8, }, { db: "USCERT", id: "SA08-079A", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2008-001183", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200803-310", trust: 0.7, }, { db: "BUGTRAQ", id: "20080318 MITKRB5-SA-2008-001: DOUBLE-FREE, UNINITIALIZED DATA VULNERABILITIES IN KRB5KDC", trust: 0.6, }, { db: "BUGTRAQ", id: "20080319 RPSA-2008-0112-1 KRB5 KRB5-SERVER KRB5-SERVICES KRB5-TEST KRB5-WORKSTATION", trust: 0.6, }, { db: "BUGTRAQ", id: "20080604 VMSA-2008-0009 UPDATES TO VMWARE WORKSTATION, VMWARE PLAYER, VMWARE ACE, VMWARE FUSION, VMWARE SERVER, VMWARE VIX API, VMWARE ESX, VMWARE ESXI RESOLVE CRITICAL SECURITY ISSUES", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0164", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0181", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0180", trust: 0.6, }, { db: "REDHAT", id: "RHSA-2008:0182", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:069", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:070", trust: 0.6, }, { db: "MANDRIVA", id: "MDVSA-2008:071", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2637", trust: 0.6, }, { db: "FEDORA", id: "FEDORA-2008-2647", trust: 0.6, }, { db: "XF", id: "5", trust: 0.6, }, { db: "XF", id: "41277", trust: 0.6, }, { db: "GENTOO", id: "GLSA-200803-31", trust: 0.6, }, { db: "UBUNTU", id: "USN-587-1", trust: 0.6, }, { db: "SUSE", id: "SUSE-SA:2008:016", trust: 0.6, }, { db: "DEBIAN", id: "DSA-1524", trust: 0.6, }, { db: "VULHUB", id: "VHN-30188", trust: 0.1, }, { db: "PACKETSTORM", id: "64708", trust: 0.1, }, { db: "PACKETSTORM", id: "64730", trust: 0.1, }, { db: "PACKETSTORM", id: "64688", trust: 0.1, }, { db: "PACKETSTORM", id: "64729", trust: 0.1, }, { db: "PACKETSTORM", id: "64731", trust: 0.1, }, { db: "PACKETSTORM", id: "64714", trust: 0.1, }, { db: "PACKETSTORM", id: "67011", trust: 0.1, }, { db: "PACKETSTORM", id: "64715", trust: 0.1, }, { db: "PACKETSTORM", id: "64848", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-30188", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "64714", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "CNNVD", id: "CNNVD-200803-310", }, { db: "NVD", id: "CVE-2008-0063", }, ], }, id: "VAR-200803-0028", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-30188", }, ], trust: 0.01, }, last_update_date: "2024-07-23T21:21:47.664000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "RHSA-2008", trust: 0.8, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-001.txt", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2008-001183", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-908", trust: 1, }, { problemtype: "Use of uninitialized resources (CWE-908) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-119", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-30188", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "NVD", id: "CVE-2008-0063", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://www.securityfocus.com/bid/28303", }, { trust: 2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-001.txt", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/489761", }, { trust: 1.7, url: "http://support.novell.com/docs/readmes/infodocument/patchbuilder/readme_5022520.html", }, { trust: 1.7, url: "http://support.novell.com/docs/readmes/infodocument/patchbuilder/readme_5022542.html", }, { trust: 1.7, url: "http://wiki.rpath.com/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://www.vmware.com/security/advisories/vmsa-2008-0009.html", }, { trust: 1.7, url: "http://www.debian.org/security/2008/dsa-1524", }, { trust: 1.7, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00537.html", }, { trust: 1.7, url: "https://www.redhat.com/archives/fedora-package-announce/2008-march/msg00544.html", }, { trust: 1.7, url: "http://www.gentoo.org/security/en/glsa/glsa-200803-31.xml", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:069", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:070", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2008:071", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0164.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0180.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0181.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2008-0182.html", }, { trust: 1.7, url: "http://www.securitytracker.com/id?1019627", }, { trust: 1.7, url: "http://secunia.com/advisories/29420", }, { trust: 1.7, url: "http://secunia.com/advisories/29423", }, { trust: 1.7, url: "http://secunia.com/advisories/29424", }, { trust: 1.7, url: "http://secunia.com/advisories/29428", }, { trust: 1.7, url: "http://secunia.com/advisories/29435", }, { trust: 1.7, url: "http://secunia.com/advisories/29438", }, { trust: 1.7, url: "http://secunia.com/advisories/29450", }, { trust: 1.7, url: "http://secunia.com/advisories/29451", }, { trust: 1.7, url: "http://secunia.com/advisories/29457", }, { trust: 1.7, url: "http://secunia.com/advisories/29462", }, { trust: 1.7, url: "http://secunia.com/advisories/29464", }, { trust: 1.7, url: "http://secunia.com/advisories/29516", }, { trust: 1.7, url: "http://secunia.com/advisories/29663", }, { trust: 1.7, url: "http://secunia.com/advisories/30535", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html", }, { trust: 1.7, url: "http://www.ubuntu.com/usn/usn-587-1", }, { trust: 1.6, url: "about vulnerability notes", }, { trust: 1.6, url: "contact us about this vulnerability", }, { trust: 1.6, url: "provide a vendor statement", }, { trust: 1.1, url: "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/489883/100/0/threaded", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/493080/100/0/threaded", }, { trust: 1.1, url: "http://docs.info.apple.com/article.html?artnum=307562", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8916", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/0922/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/1102/references", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/1744", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41277", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnta08-079b/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079a/index.html", }, { trust: 0.8, url: "http://jvn.jp/tr/trta08-079b/index.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0063", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/alerts/sa08-079a.html", }, { trust: 0.8, url: "http://www.kb.cert.org/vuls/id/895609", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079a.html", }, { trust: 0.8, url: "http://www.us-cert.gov/cas/techalerts/ta08-079b.html", }, { trust: 0.8, url: "http://secunia.com/advisories/29428/", }, { trust: 0.8, url: "http://www.frsirt.com/english/advisories/2008/0922", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0062", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0063", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0947", }, { trust: 0.6, url: "http://xforce.iss.net/xforce/xfdb/41277", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/1744", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/1102/references", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/0924/references", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/0922/references", }, { trust: 0.5, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0062", }, { trust: 0.5, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0063", }, { trust: 0.4, url: "http://secunia.com/", }, { trust: 0.4, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 0.3, url: "http://www.mandriva.com/security/", }, { trust: 0.3, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0947", }, { trust: 0.3, url: "http://www.mandriva.com/security/advisories", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.2, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-002.txt", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0948", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.1-7ubuntu0.1_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.6.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4-5ubuntu3.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.1-7ubuntu0.1.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.4-5ubuntu3.4_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.4.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.7_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.7_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.6_all.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.7_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.7_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.7.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.1-7ubuntu0.1_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.1-7ubuntu0.1_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.4-5ubuntu3.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.1-7ubuntu0.1_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.4-5ubuntu3.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.1-7ubuntu0.1_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.4-5ubuntu3.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.4-5ubuntu3.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://www.debian.org/security/", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://packages.debian.org/<pkg>", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-servers-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-clients-1.6.2-22.4.i586.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel-32bit-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/krb5-1.6.2-22.4.src.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-devel-1.6.2-22.4.ppc.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-clients-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-1.6.2-22.4.ppc.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-client-1.6.2-22.4.i586.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-server-1.6.2-22.4.i586.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-devel-1.6.2-22.4.i586.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-server-1.6.2-22.4.ppc.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-client-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-client-1.6.2-22.4.ppc.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-1.6.2-22.4.i586.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-32bit-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-servers-1.6.2-22.4.i586.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-clients-1.6.2-22.4.ppc.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-servers-1.6.2-22.4.ppc.rpm", }, { trust: 0.1, url: "http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.html", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-server-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-1.6.2-22.4.x86_64.rpm", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004189", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805515-sg.zip", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004723", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004644", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004642", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004219", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004725", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1055", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0553", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004722.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004719.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004219.tgz", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5378", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5378", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004724.tgz", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0967", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004719", }, { trust: 0.1, url: "http://www.vmware.com/support/server/doc/releasenotes_server.html", }, { trust: 0.1, url: "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", }, { trust: 0.1, url: "http://www.vmware.com/support/developer/vix-api/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004172", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004725.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004727.tgz", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004641", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004724", }, { trust: 0.1, url: "http://www.vmware.com/support/policies/eos_vi.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5671", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004170", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004726.tgz", }, { trust: 0.1, url: "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805501-bg.zip", }, { trust: 0.1, url: "http://www.vmware.com/download/player/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004721", }, { trust: 0.1, url: "http://www.vmware.com/security", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2097", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004722", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004727", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004821", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz", }, { trust: 0.1, url: "http://www.vmware.com/download/ws/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004637", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0888", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004821.tgz", }, { trust: 0.1, url: "http://vmware.com/support/esx25/doc/esx-255-200805-patch.html", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004721.tgz", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5671", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0553", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1005073", }, { trust: 0.1, url: "http://www.vmware.com/support/policies/eos.html", }, { trust: 0.1, url: "http://www.vmware.com/download/server/", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004186", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004186.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004723.tgz", }, { trust: 0.1, url: "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2097", }, { trust: 0.1, url: "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805508-sg.zip", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805505-sg.zip", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2006-1721", }, { trust: 0.1, url: "http://www.vmware.com/support/player/doc/releasenotes_player.html", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004173", }, { trust: 0.1, url: "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", }, { trust: 0.1, url: "http://www.vmware.com/download/ws/ws5.html", }, { trust: 0.1, url: "http://www.vmware.com/download/fusion/", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-4772", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004643", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1721", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0948", }, { trust: 0.1, url: "http://www.vmware.com/support/policies/security_response.html", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004216.tgz", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004728", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004728.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004189.tgz", }, { trust: 0.1, url: "http://www.vmware.com/support/pubs/vix-api/vixapi-1.1.4-release-notes.html", }, { trust: 0.1, url: "http://www.vmware.com/download/ace/", }, { trust: 0.1, url: "http://download3.vmware.com/software/vi/esx-1004190.tgz", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esxe350-200805501-o-sg.zip", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2100", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004216", }, { trust: 0.1, url: "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004190", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004726", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0888", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1004640", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2100", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805506-sg.zip", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805504-sg.zip", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4772", }, { trust: 0.1, url: "http://download3.vmware.com/software/esx/esx350-200805507-sg.zip", }, { trust: 0.1, url: "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", }, { trust: 0.1, url: "http://vmware.com/support/esx25/doc/esx-254-200805-patch.html", }, { trust: 0.1, url: "http://www.us-cert.gov/cas/signup.html>.", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/374121>", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/895609>", }, { trust: 0.1, url: "http://www.us-cert.gov/cas/techalerts/ta08-079b.html>", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2008-002.txt2>", }, { trust: 0.1, url: "http://www.us-cert.gov/legal.html>", }, { trust: 0.1, url: "http://bugs.gentoo.org.", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200803-31.xml", }, { trust: 0.1, url: "http://security.gentoo.org/", }, ], sources: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-30188", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "64714", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "CNNVD", id: "CNNVD-200803-310", }, { db: "NVD", id: "CVE-2008-0063", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#895609", }, { db: "CERT/CC", id: "VU#374121", }, { db: "VULHUB", id: "VHN-30188", }, { db: "JVNDB", id: "JVNDB-2008-001183", }, { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64730", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64729", }, { db: "PACKETSTORM", id: "64731", }, { db: "PACKETSTORM", id: "64714", }, { db: "PACKETSTORM", id: "67011", }, { db: "PACKETSTORM", id: "64715", }, { db: "PACKETSTORM", id: "64848", }, { db: "CNNVD", id: "CNNVD-200803-310", }, { db: "NVD", id: "CVE-2008-0063", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2008-03-19T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2008-03-18T00:00:00", db: "CERT/CC", id: "VU#374121", }, { date: "2008-03-19T00:00:00", db: "VULHUB", id: "VHN-30188", }, { date: "2008-04-03T00:00:00", db: "JVNDB", id: "JVNDB-2008-001183", }, { date: "2008-03-19T22:47:40", db: "PACKETSTORM", id: "64708", }, { date: "2008-03-19T23:37:11", db: "PACKETSTORM", id: "64730", }, { date: "2008-03-19T02:26:54", db: "PACKETSTORM", id: "64688", }, { date: "2008-03-19T23:35:04", db: "PACKETSTORM", id: "64729", }, { date: "2008-03-19T23:38:22", db: "PACKETSTORM", id: "64731", }, { date: "2008-03-19T22:58:28", db: "PACKETSTORM", id: "64714", }, { date: "2008-06-05T01:56:09", db: "PACKETSTORM", id: "67011", }, { date: "2008-03-19T22:59:32", db: "PACKETSTORM", id: "64715", }, { date: "2008-03-24T22:48:28", db: "PACKETSTORM", id: "64848", }, { date: "2008-03-19T00:00:00", db: "CNNVD", id: "CNNVD-200803-310", }, { date: "2008-03-19T10:44:00", db: "NVD", id: "CVE-2008-0063", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#895609", }, { date: "2011-07-22T00:00:00", db: "CERT/CC", id: "VU#374121", }, { date: "2018-10-15T00:00:00", db: "VULHUB", id: "VHN-30188", }, { date: "2024-02-28T07:24:00", db: "JVNDB", id: "JVNDB-2008-001183", }, { date: "2008-10-11T00:00:00", db: "CNNVD", id: "CNNVD-200803-310", }, { date: "2024-02-09T00:35:55.777000", db: "NVD", id: "CVE-2008-0063", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "64708", }, { db: "PACKETSTORM", id: "64688", }, { db: "PACKETSTORM", id: "64715", }, { db: "CNNVD", id: "CNNVD-200803-310", }, ], trust: 0.9, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos krb4-enabled KDC contains multiple vulnerabilities", sources: [ { db: "CERT/CC", id: "VU#895609", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-200803-310", }, ], trust: 0.6, }, }
var-200712-0601
Vulnerability from variot
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针: void reply(int n, char fmt, ...) { ... (1) int length, kerror; <---- declared length without initializer if (n) sprintf(in, \"\%d\%c\", n, cont_char); else in[0] = \'\'\0\'\'; strncat(in, buf, sizeof (in) - strlen(in) - 1); #ifdef KRB5_KRB4_COMPAT if (strcmp(auth_type, \"KERBEROS_V4\") == 0) { if (clevel == PROT_P) length = krb_mk_priv((unsigned char )in, (unsigned char )out, strlen(in), schedule, &kdata.session, &ctrl_addr, &his_addr); else length = krb_mk_safe((unsigned char )in, (unsigned char )out, strlen(in), &kdata.session, &ctrl_addr, &his_addr); if (length == -1) { syslog(LOG_ERR, \"krb_mk_\%s failed for KERBEROS_V4\", clevel == PROT_P ? \"priv\" : \"safe\"); fputs(in,stdout); } } else #endif / KRB5_KRB4_COMPAT / #ifdef GSSAPI / reply (based on level) / if (strcmp(auth_type, \"GSSAPI\") == 0) { gss_buffer_desc in_buf, out_buf; OM_uint32 maj_stat, min_stat; int conf_state; in_buf.value = in; in_buf.length = strlen(in); maj_stat = gss_seal(&min_stat, gcontext, clevel == PROT_P, / private / GSS_C_QOP_DEFAULT, &in_buf, &conf_state, &out_buf); if (maj_stat != GSS_S_COMPLETE) { #if 0 / Don\'\'t setup an infinite loop / / generally need to deal / secure_gss_error(maj_stat, min_stat, (clevel==PROT_P)? \"gss_seal ENC didn\'\'t complete\": \"gss_seal MIC didn\'\'t complete\"); #endif / 0 / } else if ((clevel == PROT_P) && !conf_state) { #if 0 / Don\'\'t setup an infinite loop / secure_error(\"GSSAPI didn\'\'t encrypt message\"); #endif / 0 / } else { memcpy(out, out_buf.value, length=out_buf.length); gss_release_buffer(&min_stat, &out_buf); } } #endif / GSSAPI / / Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. There are multiple memory corruption vulnerabilities in the implementation of Kerberos, and remote attackers may use these vulnerabilities to cause the service program to crash. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: SUSE Update for Multiple Packages
SECUNIA ADVISORY ID: SA28636
VERIFY ADVISORY: http://secunia.com/advisories/28636/
CRITICAL: Highly critical
IMPACT: Security Bypass, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ openSUSE 10.2 http://secunia.com/product/13375/ openSUSE 10.3 http://secunia.com/product/16124/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/
DESCRIPTION: SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to bypass certain security restrictions, to cause a DoS, or to compromise a user's system.
For more information: SA27313 SA28076 SA28129 SA28228 SA28327 SA28358 SA28384 SA28444
SOLUTION: Updated packages are available via Yast Online Update or the SUSE FTP server.
ORIGINAL ADVISORY: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html
OTHER REFERENCES: SA27313: http://secunia.com/advisories/27313/
SA28076: http://secunia.com/advisories/28076/
SA28129: http://secunia.com/advisories/28129/
SA28228: http://secunia.com/advisories/28228/
SA28327: http://secunia.com/advisories/28327/
SA28358: http://secunia.com/advisories/28358/
SA28384: http://secunia.com/advisories/28384/
SA28444: http://secunia.com/advisories/28444/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: Ubuntu update for krb5
SECUNIA ADVISORY ID: SA39290
VERIFY ADVISORY: http://secunia.com/advisories/39290/
DESCRIPTION: Ubuntu has issued an update for krb5. (Only Ubuntu 6.06 LTS was affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)
Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. ----------------------------------------------------------------------
Stay Compliant
Alerts, Technical Descriptions, PoC, Links to patches, CVSS, CVE, Changelogs, Alternative Remediation Strategies, and much more provided in the Secunia Vulnerability Intelligence solutions
Free Trial http://secunia.com/products/corporate/evm/trial/
TITLE: Ubuntu update for krb5
SECUNIA ADVISORY ID: SA39784
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/39784/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=39784
RELEASE DATE: 2010-05-21
DISCUSS ADVISORY: http://secunia.com/advisories/39784/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/39784/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=39784
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Ubuntu has issued an update for krb5.
II.DETAILS:
Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol.
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c. A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function gss_indicate_mechs(mi norStatus, mechSet) in g_initialize.c and a integer overflow vunerability(CVE-2007-5902) in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. A double free vulnerability(CVE-2007-5971) in function gss_krb5int_make_seal_token_v3 in k5sealv3.c and another double free vulnerability(CVE-2007-5972) in function krb5_def_store_mkey in lib/kdb/kdb_default.c.
Impact
Reading uninitialized variables can result in unpredictable behavior, crashes, or security holes. Dereferencing,integer overflow and double free may cause instability and potentially crash.
References
[ 1 ] CVE-2007-5894 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 [ 3 ] CVE-2007-5902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902 [ 4 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 5 ] CVE-2007-5972 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security Trusted {Solution} Provider Service
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-924-1 April 07, 2010 krb5 vulnerabilities CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972, CVE-2010-0629 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4 libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4
Ubuntu 8.10: krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4
Ubuntu 9.04: krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3 libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. (CVE-2010-0629)
It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901, CVE-2007-5971)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. (Only Ubuntu 8.04 LTS was affected.) (CVE-2007-5902, CVE-2007-5972)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz
Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc
Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz
Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb
Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 497374 89e647e9beec851c340774d758f6d68c
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 64960 abc799e9e887480fc993bdba504af466
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 91866 cfb606d8378283313f5009faa2dec564
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb
Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 173246 532692f310673efbd4329d0661811370
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb
Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 89348 f12babd06a10b951388d6618288b081d
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 60786 d11c67185932d0b746584e0406294a3e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 172640 2de487fc075709f917b2396a053d8bde
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb
Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 199412 9063aec6b15eab435032ac249f516a44
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb
Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 89356 8e603c181d789500185720f8e35da971
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 211652 121558486b173d309bccbe304b8ec550
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb
Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz
Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc
Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb
Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 1474040 289fcb9189903998fe6adb217d111257
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92554 db275139f0715242c7f339b0005f7f65
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 107696 5be51db685dc9d9536765a0771e52223
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 94504 4bbe57034a98573f623870361380055d
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb
Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 136816 71232407545e52025735e7e630496f84
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 472690 7cf30b9521b99808b48879295b579d07
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 183124 34b361091e4883adf77658c04f431edb
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb
Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 136772 173deb07bb07502e6d16adc880d27209
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 92538 c696e177873d8255183b7cc50576eb48
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb
Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 96700 4980c34839066b9866eacb06fb385d23
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 70360 4904070348252bd4bdd692d85af4249a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 66680 36a33a9765740aa2eab16419017562b0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb
Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb
Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz
Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc
Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb
Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 108010 397c0979124621bde63b49d55df1951b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 198894 971764b78a61757018f675faaf8d13c2
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb
Size/MD5: 76946 85b0519be431be8228d1b8930ca82032
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 137258 6722093f41aea33c126c60594e91aa89
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 1417102 87153ec02650a379e068d91412027243
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb
Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 464142 11481d506c939a4595c5d235768692e5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 184990 325f5322d631683068bc6ddc6af35940
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb
Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 111146 d4464357b86e371914cc23251c2c1780
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 204756 dd5364842f6604199e2d7698334771ff
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb
Size/MD5: 77438 a18355513e1155b4dc997881878ce816
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354
http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917
http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 93054 29490c704727e89faf1079f1b517606e
http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 61274 1b5b021b7e019641010877555e99058d
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb
http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb
Size/MD5: 73024 607a1edca12d6130393158fc82b86b28
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0601", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.5", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.5", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.5", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux enterprise server sp1", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86-64", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.3", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "appliance platform linux service", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "fedora", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "application server es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, ], sources: [ { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "NVD", id: "CVE-2007-5972", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2007-5972", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Venustech AD-LAB", sources: [ { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], trust: 0.7, }, cve: "CVE-2007-5972", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2007-5972", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "VHN-29334", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2007-5972", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-200712-058", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-29334", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-29334", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "NVD", id: "CVE-2007-5972", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. \nKerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. \ngssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:\nvoid reply(int n, char *fmt, ...)\n{\n... \n(1) int length, kerror; <---- declared length without initializer\nif (n) sprintf(in, \\\"\\\\%d\\\\%c\\\", n, cont_char);\nelse in[0] = \\'\\'\0\\'\\';\nstrncat(in, buf, sizeof (in) - strlen(in) - 1);\n#ifdef KRB5_KRB4_COMPAT\nif (strcmp(auth_type, \\\"KERBEROS_V4\\\") == 0) {\nif (clevel == PROT_P)\nlength = krb_mk_priv((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\nschedule,\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nelse\nlength = krb_mk_safe((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nif (length == -1) {\nsyslog(LOG_ERR,\n\\\"krb_mk_\\\\%s failed for\nKERBEROS_V4\\\",\nclevel == PROT_P ? \\\"priv\\\" :\n\\\"safe\\\");\nfputs(in,stdout);\n}\n} else\n#endif /* KRB5_KRB4_COMPAT */\n#ifdef GSSAPI\n/* reply (based on level) */\nif (strcmp(auth_type, \\\"GSSAPI\\\") == 0) {\ngss_buffer_desc in_buf, out_buf;\nOM_uint32 maj_stat, min_stat;\nint conf_state;\nin_buf.value = in;\nin_buf.length = strlen(in);\nmaj_stat = gss_seal(&min_stat, gcontext,\nclevel == PROT_P, /*\nprivate */\nGSS_C_QOP_DEFAULT,\n&in_buf, &conf_state,\n&out_buf);\nif (maj_stat != GSS_S_COMPLETE) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\n/* generally need to deal */\nsecure_gss_error(maj_stat, min_stat,\n(clevel==PROT_P)?\n\\\"gss_seal ENC didn\\'\\'t\ncomplete\\\":\n\\\"gss_seal MIC didn\\'\\'t\ncomplete\\\");\n#endif /* 0 */\n} else if ((clevel == PROT_P) && !conf_state) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\nsecure_error(\\\"GSSAPI didn\\'\\'t encrypt\nmessage\\\");\n#endif /* 0 */\n} else {\nmemcpy(out, out_buf.value,\nlength=out_buf.length);\ngss_release_buffer(&min_stat,\n&out_buf);\n}\n}\n#endif /* GSSAPI */\n/* Othe. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. There are multiple memory corruption vulnerabilities in the implementation of Kerberos, and remote attackers may use these vulnerabilities to cause the service program to crash. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nSUSE Update for Multiple Packages\n\nSECUNIA ADVISORY ID:\nSA28636\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28636/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSecurity Bypass, DoS, System access\n\nWHERE:\n>From remote\n\nOPERATING SYSTEM:\nSUSE Linux 10.1\nhttp://secunia.com/product/10796/\nopenSUSE 10.2\nhttp://secunia.com/product/13375/\nopenSUSE 10.3\nhttp://secunia.com/product/16124/\nSuSE Linux Enterprise Server 8\nhttp://secunia.com/product/1171/\nSUSE Linux Enterprise Server 9\nhttp://secunia.com/product/4118/\nSUSE Linux Enterprise Server 10\nhttp://secunia.com/product/12192/\nSuSE Linux Openexchange Server 4.x\nhttp://secunia.com/product/2001/\nSuSE Linux Standard Server 8\nhttp://secunia.com/product/2526/\n\nDESCRIPTION:\nSUSE has issued updates for multiple packages. These fix some\nvulnerabilities, which can be exploited by malicious users to cause a\nDoS (Denial of Service) and by malicious people to bypass certain\nsecurity restrictions, to cause a DoS, or to compromise a user's\nsystem. \n\nFor more information:\nSA27313\nSA28076\nSA28129\nSA28228\nSA28327\nSA28358\nSA28384\nSA28444\n\nSOLUTION:\nUpdated packages are available via Yast Online Update or the SUSE FTP\nserver. \n\nORIGINAL ADVISORY:\nhttp://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html\n\nOTHER REFERENCES:\nSA27313:\nhttp://secunia.com/advisories/27313/\n\nSA28076:\nhttp://secunia.com/advisories/28076/\n\nSA28129:\nhttp://secunia.com/advisories/28129/\n\nSA28228:\nhttp://secunia.com/advisories/28228/\n\nSA28327:\nhttp://secunia.com/advisories/28327/\n\nSA28358:\nhttp://secunia.com/advisories/28358/\n\nSA28384:\nhttp://secunia.com/advisories/28384/\n\nSA28444:\nhttp://secunia.com/advisories/28444/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nUbuntu update for krb5\n\nSECUNIA ADVISORY ID:\nSA39290\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39290/\n\nDESCRIPTION:\nUbuntu has issued an update for krb5. (Only Ubuntu 6.06 LTS was\naffected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)\n\nJoel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos\ndid not correctly verify certain packet structures. ----------------------------------------------------------------------\n\n\nStay Compliant\n\nAlerts, Technical Descriptions, PoC, Links to patches, CVSS, CVE, Changelogs, Alternative Remediation Strategies, and much more provided in the Secunia Vulnerability Intelligence solutions\n\nFree Trial\nhttp://secunia.com/products/corporate/evm/trial/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nUbuntu update for krb5\n\nSECUNIA ADVISORY ID:\nSA39784\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/39784/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=39784\n\nRELEASE DATE:\n2010-05-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/39784/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/39784/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory&vuln_id=39784\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nUbuntu has issued an update for krb5. \n\nII.DETAILS:\n----------\nBackground\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. \n\nDescription\n\n\tA uninitialized vulnerability (CVE-2007-5894)in function reply() in\nftpd.c. \n A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function\ngss_indicate_mechs(mi\nnorStatus, mechSet) in g_initialize.c and a integer overflow\nvunerability(CVE-2007-5902)\nin rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. A\ndouble free vulnerability(CVE-2007-5971)\nin function gss_krb5int_make_seal_token_v3 in k5sealv3.c and another\ndouble free vulnerability(CVE-2007-5972)\nin function krb5_def_store_mkey in lib/kdb/kdb_default.c. \n\nImpact\n\nReading uninitialized variables can result in unpredictable behavior,\ncrashes, or security holes. \nDereferencing,integer overflow and double free may cause instability and\npotentially crash. \n\nReferences\n==========\n\n [ 1 ] CVE-2007-5894\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n [ 3 ] CVE-2007-5902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902\n [ 4 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 5 ] CVE-2007-5972\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972\n\n\nIII.CREDIT:\n----------\n Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab\nguys. \n\nV.DISCLAIMS:\n-----------\n\nThe information in this bulletin is provided \"AS IS\" without warranty of\nany\nkind. In no event shall we be liable for any damages whatsoever\nincluding direct,\nindirect, incidental, consequential, loss of business profits or special\ndamages. \n\nCopyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use. \n\nVENUSTECH Security Lab\nVENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)\n\nSecurity\nTrusted {Solution} Provider\nService\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-924-1 April 07, 2010\nkrb5 vulnerabilities\nCVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972,\nCVE-2010-0629\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n krb5-kdc 1.6.dfsg.3~beta1-2ubuntu1.4\n libkrb53 1.6.dfsg.3~beta1-2ubuntu1.4\n\nUbuntu 8.10:\n krb5-kdc 1.6.dfsg.4~beta1-3ubuntu0.4\n\nUbuntu 9.04:\n krb5-kdc 1.6.dfsg.4~beta1-5ubuntu2.3\n libkrb53 1.6.dfsg.4~beta1-5ubuntu2.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nSol Jerome discovered that the Kerberos kadmind service did not correctly\nfree memory. An unauthenticated remote attacker could send specially\ncrafted traffic to crash the kadmind process, leading to a denial of\nservice. (CVE-2010-0629)\n\nIt was discovered that Kerberos did not correctly free memory in\nthe GSSAPI library. If a remote attacker were able to manipulate an\napplication using GSSAPI carefully, the service could crash, leading to\na denial of service. (Ubuntu 8.10 was not affected.) (CVE-2007-5901,\nCVE-2007-5971)\n\nIt was discovered that Kerberos did not correctly free memory in the\nGSSAPI and kdb libraries. If a remote attacker were able to manipulate\nan application using these libraries carefully, the service could crash,\nleading to a denial of service. (Only Ubuntu 8.04 LTS was affected.)\n(CVE-2007-5902, CVE-2007-5972)\n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz\n Size/MD5: 1747579 857bc90fe202aacef9aa7ec1915912b0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc\n Size/MD5: 1135 4cacf5667996472a34c29f5db3590a0a\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz\n Size/MD5: 14672599 7a36c3471aa31ffd01d5a020f9d82dff\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb\n Size/MD5: 2121560 319ec346ce4f7acfcd3f535276b2e7e9\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 140892 372ce44cc13bfcea71652553d16ab0f6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 162164 6b37b079fa1b8fd1d512e8d5a268c6e3\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 1337522 23370d40c101659acb54bd203c263e3d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 89344 02a61de3df97772e9a46ce5f960d392d\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 497374 89e647e9beec851c340774d758f6d68c\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 88168 6f6c1a76b5fd3f579c26f5438fb04f69\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 230020 ff26ae7c13bedcd6335b36d335357f79\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 65660 6ad8023f8ec936b19046b04c95c948bc\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 186140 af7b0135284c9bffd16a6a03b2c36703\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 64960 abc799e9e887480fc993bdba504af466\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 91866 cfb606d8378283313f5009faa2dec564\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb\n Size/MD5: 73208 6ee86c16449e975666de4454ca001fb4\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 131262 a8beec1ae2763a39f4224e6457d79a68\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 146000 ea7aad15118b9e3df627d9e41f641c25\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 1289340 b3f36e7e2fb3fdba00a5af1153c4f407\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 89352 372324ef9477c4a6f3f9bc31ef297a57\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 460514 62959156fab7500c76d9f11ebae51d52\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 81706 fbbc1993212b37307d15fbac473a1568\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 201704 e920981af86ee031bcf12fdf0d58f044\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 60694 c1e8663d26f5090f64350e56967f1b4b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 173246 532692f310673efbd4329d0661811370\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 61726 78e20ba263aad29b73f92ce156ba12a7\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 84298 fe5eceddccc659692e8c95149da13dd9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb\n Size/MD5: 66892 efb07a08a44037d73c7e98525dcbab56\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 131436 e9a07a3d73999fe64e97ec4f15754f00\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 143896 0885dad9ce7cfb900e80f664256ce3c7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 1318388 8c5fee9fe04a1d4d5cd50e31066c592d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 89348 f12babd06a10b951388d6618288b081d\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 455898 ceb7713ec70fe69de2e9e675f34162eb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 82168 603b21fbba3e4092e21e95f7fc79addb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 200914 066a5fa912c9a64a2a4f4de12326ded2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 60786 d11c67185932d0b746584e0406294a3e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 172640 2de487fc075709f917b2396a053d8bde\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 61574 394a1d2ee087fb9ed2d8bbdd6b54c1c2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 84204 1c7cccecf78f77db4073669da9f82ef7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb\n Size/MD5: 67206 ce64e680e6c213afea88440bb1d944b6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 158748 c5daffac1ce8e89ee9002325f63ed078\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 159344 9fb7e6c72d4e07e06e704b127582204a\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 1335326 2e5bf6c9daec4169d467583f70b2652f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 89362 edd451d9c7efb36480bd396347d33b47\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 482430 c4f6f3ee75b56c4fb436e0a55f008097\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 95278 554caab935dc3d35ed2297dff4b9cd21\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 245012 0a16b0e350544021fd2a3a8879d1372f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 68806 ea6d4ae9080e63be328418af216cf7fd\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 199412 9063aec6b15eab435032ac249f516a44\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 64060 a367b9c7a4afee60fe4b8e7e98eac1a4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 100238 e253160984af0fd0f914b453bf604b1d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb\n Size/MD5: 75518 7bfda8e39e560cb747ad8b78ceee7fa8\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 134486 d031b1b700640b4e254e9ba9950c0a9c\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 142010 d0fd459614fb1e4bb411b5ff1220e6a9\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 1213582 cd49f178b2202d58d3eb471a3c791e49\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 89356 8e603c181d789500185720f8e35da971\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 428108 356af6cc775d8bafe2a028c43a33b89c\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 83266 e87d03878c6db3b236edbe0616e1c839\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 211652 121558486b173d309bccbe304b8ec550\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 64092 69c588ea021fc09582f299ec80ce5ebf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 173032 01fd0f15a60c39f2180c0290b8b4f015\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 58806 e21d86723683a97d0f9812d820b39da7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 87886 eef2eaa5c992cd9849f865c5b88de7aa\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb\n Size/MD5: 69614 8f28b615e8a75bb0a6e04da3131c39bb\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz\n Size/MD5: 858566 abe6f3bf8714b16dd084cd583b5aa350\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc\n Size/MD5: 1671 e03526558ccf9a954c92a3e257e66351\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb\n Size/MD5: 2148728 a0785e0f46d4268e3906483b821241bb\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 146234 7c1e6b679b00982416953a085acb5f39\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 165978 0415c29a760df4dbf38e3b82e93aaf54\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 1474040 289fcb9189903998fe6adb217d111257\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92554 db275139f0715242c7f339b0005f7f65\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 510612 ad1d674ce1ffc4f39dfc6d75d8c80282\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 92862 99ee34c7a17ce0cb980ba620cbc97e67\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 237266 eb87e828f93d628e7dab9de7a657566d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 68946 43644b68a2aa3219a07dcb85f7a45371\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 107696 5be51db685dc9d9536765a0771e52223\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 196660 e36a1e5bc9fd0b173bbd0fca05b79d0b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 67914 098fd941dbdb7c32ce12f983dbbd6ed9\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 94504 4bbe57034a98573f623870361380055d\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb\n Size/MD5: 76670 6759a5aad2f5ba13b5b0354dc025aa0c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 136816 71232407545e52025735e7e630496f84\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 150618 e413fd35cb127f765870211bc25a47ec\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 1413034 f1f3fb8a55ee8ba77c9b6aac5ad9aff4\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 92570 98ed6b6053fff58ac3a600f4b51b7cd0\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 472690 7cf30b9521b99808b48879295b579d07\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 86424 76aefeea8bbaecc66933de53158503fe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 213602 a6d796c92390bc1b9ff794ae4204f974\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 63886 8a7affbe90bd3c31e1bb360f4f93ce90\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 102054 15234247c475c7ac05549b3e0ac04e8a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 183124 34b361091e4883adf77658c04f431edb\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 64676 72cd11a2060ebd4524dfb4345d6ac3b0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 87766 bd091590f2ebf42a256b00c00ca08704\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb\n Size/MD5: 70558 37b76c195ee928457ddb7f859ee19b80\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 136772 173deb07bb07502e6d16adc880d27209\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 148130 beebf3d09c4c0f5b605a1719d87d3f62\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 1443468 4236ad375d51fe23404e21b1979103cf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 92538 c696e177873d8255183b7cc50576eb48\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 463248 680eff30a2fd36ab52900ad3b7d58192\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86530 2d5c2d44148bcc30b1fc0862c26bbc88\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 206758 d08cdf41d7ee2bacd847639b5f5b8676\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 63948 c42df041a5ed4079b03fad6d1fd16a5d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 101826 1bfed64995fab3d278fd7e382be0f207\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 182666 c40bbef2b97460a08eb18a64767c9f8f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 64188 1421cd4073a447d334eea471a2dd548f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 86954 b9b8f522b5881cc111124d368dcc0d6f\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb\n Size/MD5: 70346 f77d255277ff6ea8964c3992dded5118\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 157076 4501c9b76ba4cd09cce27ef2ce1a74ad\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 161396 9f6134a5f7e29859b46f41fa1f6c23a8\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 1472026 4f1e6fbc7c474bd9ddedce81c307e52f\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 92578 3b7a1d729048d6c66629e03a8230cb8b\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 492848 c791a13ad685af0293c3b8b0397adb25\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 96700 4980c34839066b9866eacb06fb385d23\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 245612 c4f47729971c422bdf47cbc86669999b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 70360 4904070348252bd4bdd692d85af4249a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 110768 2c18038848b99c2f90b87a0c8af7a2e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 202494 7c9671f7bdb178be8f1bbc8445ab00a9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 66680 36a33a9765740aa2eab16419017562b0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 98830 bfafb479fdc24c38cda9ab334c7c059e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb\n Size/MD5: 77096 ffc6213bd7623df1b396d14a72d4e830\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 140360 97dcf304de4a27ebac536e0092b7fc1b\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 144848 64545260134ceba4c1fa36bbb5dbb3e7\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 1332818 cfbeb843bc41b29bc39c9f472cc6f388\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 92562 18978f9e7ff1ce581359bffaa3183cae\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 433500 135cfb8e8a08c6086ee81a2401f5caea\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 87970 205855c848f241acd5262a11ca7bbc7a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 221618 1475ec81f68851111b85bb0bb0ab6fbf\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 67506 5742f0bd5b8775f8aa948f8fda02456b\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 100974 b9c4cb0e343eb63dbda925b29888186d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 182710 be662df46e52c604f0ef9aee39287bd4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 60936 d39a4e432ed22e23cc7342986b59cad2\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 91922 62f5f68fe447a9e1367457ba4ac1033e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb\n Size/MD5: 72734 e3a771cb836f6fc6b40402befbdfdf20\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz\n Size/MD5: 884759 6834e06b9b7420e013639e5f0177dde7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc\n Size/MD5: 1671 2df8fc05d522a39465b516106eb1c720\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz\n Size/MD5: 11647547 08d6ce311204803acbe878ef0bb23c71\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb\n Size/MD5: 2149012 143718b601a3a99b8ebd05937ecaed25\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 146656 2d86ade2be3e079d940e8919217802e7\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 166316 faec7da08e9aa386f72e349c7408bf10\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 1479408 de4a5e28107e556683c959c1a0cfa819\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93046 a88830b71b66d9071ecf9e43422c1d3e\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 512336 6623911d29c86d0da61a57ac3f5443fa\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 93766 c1fe58d664c3021eb0f3b39a21f292f6\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 237514 15434edb948a81df6827c54e7cfc493a\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 69208 f38a09c9ce73b663053b0c16e562d53e\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 108010 397c0979124621bde63b49d55df1951b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 198894 971764b78a61757018f675faaf8d13c2\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 68258 7abb3d320bbaac22e6d91c8ddf808ced\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 94832 c3b98b57230bdd7b7f6ebb83418b398f\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb\n Size/MD5: 76946 85b0519be431be8228d1b8930ca82032\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 137258 6722093f41aea33c126c60594e91aa89\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 150922 b01712adff6c2dd19bbb578691b55a82\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 1417102 87153ec02650a379e068d91412027243\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 93044 d29e99de8b3cd37a2f66411cb62f69e6\n http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 473744 d7f752135e4a924139b89e5873901aa1\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 87338 441b4cbdfcf76a714c81f88fc78d45f0\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 213942 12b948c395cf70a2fea94cc8fc195228\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 64306 bab53b895c90f98f7964e66768e8e020\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 102364 0892484a20867e24c567a57fa9bdabbe\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 185436 c7716a56e5e00c6b34c37d619c3e2fd3\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 65034 673f5afa510e0b6c9718ca2b0b1d8634\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 88118 4d16b24b0c8de073394fcd16efbd471b\n http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb\n Size/MD5: 70886 7c57638b2967e79f0b35ed27baca2c5c\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 137092 88eac351aa4c04cabeb5004ba0488a89\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 148518 5c4bcb387e8ceae4642e955c9073b936\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 1448176 04dc34d8d656fdd5cabfd522a2862fcb\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 93040 696bfd471bba2b1f3cb7d5c0538068d0\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 464142 11481d506c939a4595c5d235768692e5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87422 41b6c7fb1aed7ddfd0732af69c393ee5\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 207106 86e5df0b876d7a0fc53ff75dffcced9e\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64392 783c9e473eb37ca0368c9a52aa92d343\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 102218 548d6f447c103522fa6616dbea42e75a\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 184990 325f5322d631683068bc6ddc6af35940\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 64550 b6b3f9ad2c07f8f7597c484fc14315be\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 87292 bcdb18ceb438927ab77150be9c4176f9\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb\n Size/MD5: 70680 eb8483a9164d278a76774413d9660ddb\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 157362 3603a529157befb84af0edad2c3bb7dc\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 161722 7ba5b2cd8023ffb44230d435aad75f4c\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 1476674 1db714f8b53e25bdc2301cdfa99551bf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 93054 82c6e84e63e5c5a561dfc55a5bbee018\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 494652 9251f6d55d90fbf9bb28ee930cef7aed\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 97626 05a2eef51dafed34f8689bde6d025d51\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 245924 2e85a1edc5ea735861525a91a37bcca6\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 70818 aa62de270b7d513cd8bd5831c63e4d20\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 111146 d4464357b86e371914cc23251c2c1780\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 204756 dd5364842f6604199e2d7698334771ff\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 67072 5144031c10eebd19c85b9bed8186b5a7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 99180 54eca3303b1097ee902e2ef84f0220e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb\n Size/MD5: 77438 a18355513e1155b4dc997881878ce816\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 140558 5c0e1c57333b16f654ed94502e54d354\n http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 145012 bc16c76d7e202efb7f392185f9a34ecf\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 1337686 00ce5bdd2e53fd6059205375458ba917\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 93054 29490c704727e89faf1079f1b517606e\n http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 434466 9047f19cc6730c592a0f9ac99abd31e4\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 88702 55bf696f05f0d9b72b630d35422ed905\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 221790 bf2fb8e80cf389bee1a7b9edbcacb3d0\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 67822 4c2219ff77a59d8bcc8c78fb07e5b0e7\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 101378 d7720e20362e7870e6d205a924b7e486\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 184808 7d8827058a213b3216c16cfe15d26bf1\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 61274 1b5b021b7e019641010877555e99058d\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 92206 8baa9bba468967c26e6a2c87ffa8dfbb\n http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb\n Size/MD5: 73024 607a1edca12d6130393158fc82b86b28\n\n", sources: [ { db: "NVD", id: "CVE-2007-5972", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "CNNVD", id: "CNNVD-200712-058", }, { db: "BID", id: "26750", }, { db: "VULHUB", id: "VHN-29334", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "88558", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "89749", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, ], trust: 3.06, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2007-5972", trust: 3.1, }, { db: "BID", id: "26750", trust: 2, }, { db: "SECUNIA", id: "28636", trust: 1.8, }, { db: "OSVDB", id: "44747", trust: 1.7, }, { db: "SECUNIA", id: "39290", trust: 1.2, }, { db: "SECUNIA", id: "39784", trust: 1.2, }, { db: "VUPEN", id: "ADV-2010-1192", trust: 1.1, }, { db: "JVNDB", id: "JVNDB-2007-004633", trust: 0.8, }, { db: "NSFOCUS", id: "11249", trust: 0.6, }, { db: "FULLDISC", id: "20071208 MIT KERBEROS 5: MULTIPLE VULNERABILITIES", trust: 0.6, }, { db: "FULLDISC", id: "20071208 VENUSTECH REPORTS OF MIT KRB5 VULNS [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", trust: 0.6, }, { db: "SUSE", id: "SUSE-SR:2008:002", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200712-058", trust: 0.6, }, { db: "VULHUB", id: "VHN-29334", trust: 0.1, }, { db: "PACKETSTORM", id: "62986", trust: 0.1, }, { db: "PACKETSTORM", id: "88558", trust: 0.1, }, { db: "PACKETSTORM", id: "89725", trust: 0.1, }, { db: "PACKETSTORM", id: "89749", trust: 0.1, }, { db: "PACKETSTORM", id: "61598", trust: 0.1, }, { db: "PACKETSTORM", id: "88174", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-29334", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "88558", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "89749", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "NVD", id: "CVE-2007-5972", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], }, id: "VAR-200712-0601", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-29334", }, ], trust: 0.01, }, last_update_date: "2023-12-18T11:42:38.956000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Kerberos", trust: 0.8, url: "http://web.mit.edu/kerberos/www/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2007-004633", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-29334", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "NVD", id: "CVE-2007-5972", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://seclists.org/fulldisclosure/2007/dec/0321.html", }, { trust: 2, url: "http://bugs.gentoo.org/show_bug.cgi?id=199211", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/26750", }, { trust: 1.7, url: "https://issues.rpath.com/browse/rpl-2012", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2007/dec/0176.html", }, { trust: 1.7, url: "http://osvdb.org/44747", }, { trust: 1.7, url: "http://secunia.com/advisories/28636", }, { trust: 1.7, url: "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html", }, { trust: 1.2, url: "http://www.ubuntu.com/usn/usn-940-1", }, { trust: 1.1, url: "http://secunia.com/advisories/39290", }, { trust: 1.1, url: "http://secunia.com/advisories/39784", }, { trust: 1.1, url: "http://ubuntu.com/usn/usn-924-1", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2010/1192", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5972", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5972", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/11249", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199205", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199212", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199214", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0180.html", }, { trust: 0.3, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.3, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz", }, { trust: 0.3, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1.orig.tar.gz", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5972", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5902", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-3ubuntu0.4_all.deb", }, { trust: 0.2, url: "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.dsc", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://secunia.com/advisories/secunia_security_advisories/", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.diff.gz", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.4.diff.gz", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.3.dsc", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://secunia.com/advisories/about_secunia_advisories/", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-3ubuntu0.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.4_all.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-3ubuntu0.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.4_amd64.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.3_all.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.3_sparc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.4_powerpc.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.4_sparc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-3ubuntu0.4_lpia.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.3_lpia.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.4_i386.deb", }, { trust: 0.2, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.3_powerpc.deb", }, { trust: 0.2, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.3_i386.deb", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.1, url: "http://secunia.com/advisories/28358/", }, { trust: 0.1, url: "http://secunia.com/product/1171/", }, { trust: 0.1, url: "http://secunia.com/product/16124/", }, { trust: 0.1, url: "http://secunia.com/product/2001/", }, { trust: 0.1, url: "http://secunia.com/product/13375/", }, { trust: 0.1, url: "https://psi.secunia.com/?page=changelog", }, { trust: 0.1, url: "http://secunia.com/advisories/28636/", }, { trust: 0.1, url: "http://secunia.com/advisories/28444/", }, { trust: 0.1, url: "http://secunia.com/advisories/27313/", }, { trust: 0.1, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.1, url: "https://psi.secunia.com/", }, { trust: 0.1, url: "http://secunia.com/advisories/28384/", }, { trust: 0.1, url: "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html", }, { trust: 0.1, url: "http://secunia.com/product/2526/", }, { trust: 0.1, url: "http://secunia.com/product/4118/", }, { trust: 0.1, url: "http://secunia.com/advisories/28076/", }, { trust: 0.1, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.1, url: "http://secunia.com/advisories/28129/", }, { trust: 0.1, url: "http://secunia.com/advisories/28228/", }, { trust: 0.1, url: "http://secunia.com/product/12192/", }, { trust: 0.1, url: "http://secunia.com/product/10796/", }, { trust: 0.1, url: "http://secunia.com/advisories/28327/", }, { trust: 0.1, url: "http://www.ubuntu.com/usn/usn-924-1", }, { trust: 0.1, url: "http://secunia.com/advisories/39290/", }, { trust: 0.1, url: "http://secunia.com/advisories/39315/", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.5.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.11.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.6.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.7dfsg~beta3-1ubuntu0.6_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-1321", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3.orig.tar.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.4.diff.gz", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.3~beta1-2ubuntu1.5_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-3_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.4~beta1-5ubuntu2.4.dsc", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5support0_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc-ldap_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-1320", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5ubuntu2.4_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libk5crypto3_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.6.dfsg.3~beta1-2ubuntu1.5.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5clnt6_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5ubuntu2.4_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-user_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.11_all.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.7dfsg~beta3-1ubuntu0.6_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssrpc4_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkadm5srv6_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_lpia.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5ubuntu2.4_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.11.dsc", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/krb5-user_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.6.dfsg.3~beta1-2ubuntu1.5_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libgssapi-krb5-2_1.7dfsg~beta3-1ubuntu0.6_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.7dfsg~beta3-1ubuntu0.6.diff.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_lpia.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.11_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.7dfsg~beta3-1ubuntu0.6_amd64.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5ubuntu2.4_powerpc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5ubuntu2.4_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.11_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/universe/k/krb5/krb5-rsh-server_1.6.dfsg.3~beta1-2ubuntu1.5_powerpc.deb", }, { trust: 0.1, url: "http://ports.ubuntu.com/pool/main/k/krb5/libkdb5-4_1.7dfsg~beta3-1ubuntu0.6_sparc.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.6.dfsg.3~beta1-2ubuntu1.5_i386.deb", }, { trust: 0.1, url: "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.11_sparc.deb", }, { trust: 0.1, url: "https://ca.secunia.com/?page=viewadvisory&vuln_id=39784", }, { trust: 0.1, url: "http://secunia.com/advisories/39784/", }, { trust: 0.1, url: "http://secunia.com/products/corporate/evm/", }, { trust: 0.1, url: "http://secunia.com/advisories/39784/#comments", }, { trust: 0.1, url: "http://secunia.com/vulnerability_scanning/personal/", }, { trust: 0.1, url: "http://secunia.com/products/corporate/evm/trial/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5894", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.1, url: "http://www.venustech.com.cn)", }, { trust: 0.1, url: "http://secunia.com/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.1, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5902", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-0629", }, ], sources: [ { db: "VULHUB", id: "VHN-29334", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "88558", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "89749", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "NVD", id: "CVE-2007-5972", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-29334", }, { db: "BID", id: "26750", }, { db: "JVNDB", id: "JVNDB-2007-004633", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "88558", }, { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "89749", }, { db: "PACKETSTORM", id: "61598", }, { db: "PACKETSTORM", id: "88174", }, { db: "NVD", id: "CVE-2007-5972", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2007-12-06T00:00:00", db: "VULHUB", id: "VHN-29334", }, { date: "2007-12-06T00:00:00", db: "BID", id: "26750", }, { date: "2012-09-25T00:00:00", db: "JVNDB", id: "JVNDB-2007-004633", }, { date: "2008-01-25T23:58:49", db: "PACKETSTORM", id: "62986", }, { date: "2010-04-19T07:20:38", db: "PACKETSTORM", id: "88558", }, { date: "2010-05-20T02:48:24", db: "PACKETSTORM", id: "89725", }, { date: "2010-05-20T08:31:00", db: "PACKETSTORM", id: "89749", }, { date: "2007-12-08T01:06:55", db: "PACKETSTORM", id: "61598", }, { date: "2010-04-07T22:25:37", db: "PACKETSTORM", id: "88174", }, { date: "2007-12-06T02:46:00", db: "NVD", id: "CVE-2007-5972", }, { date: "2007-12-05T00:00:00", db: "CNNVD", id: "CNNVD-200712-058", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-21T00:00:00", db: "VULHUB", id: "VHN-29334", }, { date: "2015-04-13T21:56:00", db: "BID", id: "26750", }, { date: "2012-09-25T00:00:00", db: "JVNDB", id: "JVNDB-2007-004633", }, { date: "2020-01-21T15:45:33.223000", db: "NVD", id: "CVE-2007-5972", }, { date: "2007-12-06T00:00:00", db: "CNNVD", id: "CNNVD-200712-058", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "89725", }, { db: "PACKETSTORM", id: "88174", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], trust: 0.8, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos Multiple Memory Corruption Vulnerabilities", sources: [ { db: "BID", id: "26750", }, { db: "CNNVD", id: "CNNVD-200712-058", }, ], trust: 0.9, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-200712-058", }, ], trust: 0.6, }, }
var-200712-0427
Vulnerability from variot
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the uninitialized variable is used. NOTE: the vendor disputes this issue, stating " The 'length' variable is only uninitialized if 'auth_type' is neither the 'KERBEROS_V4' nor 'GSSAPI'; this condition cannot occur in the unmodified source code. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. Kerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. gssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针: void reply(int n, char fmt, ...) { ... (1) int length, kerror; <---- declared length without initializer if (n) sprintf(in, \"\%d\%c\", n, cont_char); else in[0] = \'\'\0\'\'; strncat(in, buf, sizeof (in) - strlen(in) - 1); #ifdef KRB5_KRB4_COMPAT if (strcmp(auth_type, \"KERBEROS_V4\") == 0) { if (clevel == PROT_P) length = krb_mk_priv((unsigned char )in, (unsigned char )out, strlen(in), schedule, &kdata.session, &ctrl_addr, &his_addr); else length = krb_mk_safe((unsigned char )in, (unsigned char )out, strlen(in), &kdata.session, &ctrl_addr, &his_addr); if (length == -1) { syslog(LOG_ERR, \"krb_mk_\%s failed for KERBEROS_V4\", clevel == PROT_P ? \"priv\" : \"safe\"); fputs(in,stdout); } } else #endif / KRB5_KRB4_COMPAT / #ifdef GSSAPI / reply (based on level) / if (strcmp(auth_type, \"GSSAPI\") == 0) { gss_buffer_desc in_buf, out_buf; OM_uint32 maj_stat, min_stat; int conf_state; in_buf.value = in; in_buf.length = strlen(in); maj_stat = gss_seal(&min_stat, gcontext, clevel == PROT_P, / private / GSS_C_QOP_DEFAULT, &in_buf, &conf_state, &out_buf); if (maj_stat != GSS_S_COMPLETE) { #if 0 / Don\'\'t setup an infinite loop / / generally need to deal / secure_gss_error(maj_stat, min_stat, (clevel==PROT_P)? \"gss_seal ENC didn\'\'t complete\": \"gss_seal MIC didn\'\'t complete\"); #endif / 0 / } else if ((clevel == PROT_P) && !conf_state) { #if 0 / Don\'\'t setup an infinite loop / secure_error(\"GSSAPI didn\'\'t encrypt message\"); #endif / 0 / } else { memcpy(out, out_buf.value, length=out_buf.length); gss_release_buffer(&min_stat, &out_buf); } } #endif / GSSAPI / / Othe. Multiple memory-corruption vulnerabilities with unknown impacts affect MIT Kerberos 5. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: SUSE Update for Multiple Packages
SECUNIA ADVISORY ID: SA28636
VERIFY ADVISORY: http://secunia.com/advisories/28636/
CRITICAL: Highly critical
IMPACT: Security Bypass, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ openSUSE 10.2 http://secunia.com/product/13375/ openSUSE 10.3 http://secunia.com/product/16124/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/
DESCRIPTION: SUSE has issued updates for multiple packages.
For more information: SA27313 SA28076 SA28129 SA28228 SA28327 SA28358 SA28384 SA28444
SOLUTION: Updated packages are available via Yast Online Update or the SUSE FTP server.
ORIGINAL ADVISORY: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html
OTHER REFERENCES: SA27313: http://secunia.com/advisories/27313/
SA28076: http://secunia.com/advisories/28076/
SA28129: http://secunia.com/advisories/28129/
SA28228: http://secunia.com/advisories/28228/
SA28327: http://secunia.com/advisories/28327/
SA28358: http://secunia.com/advisories/28358/
SA28384: http://secunia.com/advisories/28384/
SA28444: http://secunia.com/advisories/28444/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-31
http://security.gentoo.org/
Severity: High Title: MIT Kerberos 5: Multiple vulnerabilities Date: March 24, 2008 Bugs: #199205, #212363 ID: 200803-31
Synopsis
Multiple vulnerabilites have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges.
Background
MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon, KDC is the Key Distribution Center.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1
Description
-
Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free() (CVE-2008-0062) and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply (CVE-2008-0063).
-
Jeff Altman (Secure Endpoints) discovered a buffer overflow in the RPC library server code, used in the kadmin server, caused when too many file descriptors are opened (CVE-2008-0947).
-
Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI library: usage of a freed variable in the gss_indicate_mechs() function (CVE-2007-5901) and a double free() vulnerability in the gss_krb5int_make_seal_token_v3() function (CVE-2007-5971).
Impact
The first two vulnerabilities can be exploited by a remote unauthenticated attacker to execute arbitrary code on the host running krb5kdc, compromise the Kerberos key database or cause a Denial of Service. These bugs can only be triggered when Kerberos 4 support is enabled.
The RPC related vulnerability can be exploited by a remote unauthenticated attacker to crash kadmind, and theoretically execute arbitrary code with root privileges or cause database corruption. This bug can only be triggered in configurations that allow large numbers of open file descriptors in a process.
The GSSAPI vulnerabilities could be exploited by a remote attacker to cause Denial of Service conditions or possibly execute arbitrary code.
Workaround
Kerberos 4 support can be disabled via disabling the "krb4" USE flag and recompiling the ebuild, or setting "v4_mode=none" in the [kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around the KDC related vulnerabilities.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.6.3-r1"
References
[ 1 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 3 ] CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 [ 4 ] CVE-2008-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 [ 5 ] CVE-2008-0947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-31.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
Description
A uninitialized vulnerability (CVE-2007-5894)in function reply() in
ftpd.c. A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function gss_indicate_mechs(mi norStatus, mechSet) in g_initialize.c and a integer overflow vunerability(CVE-2007-5902) in rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c.
Impact
Reading uninitialized variables can result in unpredictable behavior, crashes, or security holes. Dereferencing,integer overflow and double free may cause instability and potentially crash.
References
[ 1 ] CVE-2007-5894 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894 [ 2 ] CVE-2007-5901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901 [ 3 ] CVE-2007-5902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902 [ 4 ] CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 [ 5 ] CVE-2007-5972 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
III.CREDIT:
Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab
guys.
V.DISCLAIMS:
The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Copyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use.
VENUSTECH Security Lab VENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)
Security Trusted {Solution} Provider Service
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0427", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: null, }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.10", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "9.04", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.10", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "6.06", }, { model: "linux enterprise server sp1", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux enterprise server", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86-64", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1x86", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "suse", version: "10.1", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.3", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "10.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "appliance platform linux service", scope: "eq", trust: 0.3, vendor: "rpath", version: "1", }, { model: "fedora", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux ws", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux es", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux as", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "4.0", }, { model: "application server es", scope: "eq", trust: 0.3, vendor: "redhat", version: "3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3.1", }, { model: "kerberos -alpha1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.7", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.4", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.3", }, { model: "kerberos -beta1", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.8", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2008.0", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.1", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2007.0", }, { model: "corporate server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "corporate server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "4.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "directory pro", scope: "eq", trust: 0.3, vendor: "cosmicperl", version: "10.0.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.11", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.10", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.9", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.8", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.7", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.6", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.5", }, ], sources: [ { db: "BID", id: "26750", }, { db: "CNNVD", id: "CNNVD-200712-056", }, { db: "NVD", id: "CVE-2007-5894", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2007-5894", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Venustech AD-LAB", sources: [ { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-056", }, ], trust: 0.7, }, cve: "CVE-2007-5894", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, id: "VHN-29256", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2007-5894", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-200712-056", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-29256", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-29256", }, { db: "CNNVD", id: "CNNVD-200712-056", }, { db: "NVD", id: "CVE-2007-5894", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the uninitialized variable is used. NOTE: the vendor disputes this issue, stating \" The 'length' variable is only uninitialized if 'auth_type' is neither the 'KERBEROS_V4' nor 'GSSAPI'; this condition cannot occur in the unmodified source code. Kerberos是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等。MIT Kerberos 5(又名krb5)是美国麻省理工学院(MIT)开发的一套网络认证协议,它采用客户端/服务器结构,并且客户端和服务器端均可对对方进行身份认证(即双重验证),可防止窃听、防止replay攻击等. \nKerberos的实现上存在多个内存破坏漏洞,远程攻击者可能利用这些漏洞导致服务程序崩溃. \ngssftp的ftpd是Kerberos加密的FTP服务器,可通过Kerberos 5认证。在ftpd.c的reply()函数中存在未初始化的指针:\nvoid reply(int n, char *fmt, ...)\n{\n... \n(1) int length, kerror; <---- declared length without initializer\nif (n) sprintf(in, \\\"\\\\%d\\\\%c\\\", n, cont_char);\nelse in[0] = \\'\\'\0\\'\\';\nstrncat(in, buf, sizeof (in) - strlen(in) - 1);\n#ifdef KRB5_KRB4_COMPAT\nif (strcmp(auth_type, \\\"KERBEROS_V4\\\") == 0) {\nif (clevel == PROT_P)\nlength = krb_mk_priv((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\nschedule,\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nelse\nlength = krb_mk_safe((unsigned char\n*)in,\n(unsigned char\n*)out,\nstrlen(in),\n&kdata.session,\n&ctrl_addr,\n&his_addr);\nif (length == -1) {\nsyslog(LOG_ERR,\n\\\"krb_mk_\\\\%s failed for\nKERBEROS_V4\\\",\nclevel == PROT_P ? \\\"priv\\\" :\n\\\"safe\\\");\nfputs(in,stdout);\n}\n} else\n#endif /* KRB5_KRB4_COMPAT */\n#ifdef GSSAPI\n/* reply (based on level) */\nif (strcmp(auth_type, \\\"GSSAPI\\\") == 0) {\ngss_buffer_desc in_buf, out_buf;\nOM_uint32 maj_stat, min_stat;\nint conf_state;\nin_buf.value = in;\nin_buf.length = strlen(in);\nmaj_stat = gss_seal(&min_stat, gcontext,\nclevel == PROT_P, /*\nprivate */\nGSS_C_QOP_DEFAULT,\n&in_buf, &conf_state,\n&out_buf);\nif (maj_stat != GSS_S_COMPLETE) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\n/* generally need to deal */\nsecure_gss_error(maj_stat, min_stat,\n(clevel==PROT_P)?\n\\\"gss_seal ENC didn\\'\\'t\ncomplete\\\":\n\\\"gss_seal MIC didn\\'\\'t\ncomplete\\\");\n#endif /* 0 */\n} else if ((clevel == PROT_P) && !conf_state) {\n#if 0\n/* Don\\'\\'t setup an infinite loop */\nsecure_error(\\\"GSSAPI didn\\'\\'t encrypt\nmessage\\\");\n#endif /* 0 */\n} else {\nmemcpy(out, out_buf.value,\nlength=out_buf.length);\ngss_release_buffer(&min_stat,\n&out_buf);\n}\n}\n#endif /* GSSAPI */\n/* Othe. Multiple memory-corruption vulnerabilities with unknown impacts affect MIT Kerberos 5. These issues include a use-after-free vulnerability, an integer-overflow vulnerability, and two double-free vulnerabilities. It adopts a client/server structure, and both the client and the server can authenticate each other (that is, double verification), which can prevent eavesdropping and replay attack, etc. MIT Kerberos 5 (also known as krb5) is a set of network authentication protocols developed by the Massachusetts Institute of Technology (MIT). ), which can prevent eavesdropping, prevent replay attacks, etc. gssftp's ftpd is a Kerberos-encrypted FTP server that can pass Kerberos 5 authentication. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nSUSE Update for Multiple Packages\n\nSECUNIA ADVISORY ID:\nSA28636\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28636/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSecurity Bypass, DoS, System access\n\nWHERE:\n>From remote\n\nOPERATING SYSTEM:\nSUSE Linux 10.1\nhttp://secunia.com/product/10796/\nopenSUSE 10.2\nhttp://secunia.com/product/13375/\nopenSUSE 10.3\nhttp://secunia.com/product/16124/\nSuSE Linux Enterprise Server 8\nhttp://secunia.com/product/1171/\nSUSE Linux Enterprise Server 9\nhttp://secunia.com/product/4118/\nSUSE Linux Enterprise Server 10\nhttp://secunia.com/product/12192/\nSuSE Linux Openexchange Server 4.x\nhttp://secunia.com/product/2001/\nSuSE Linux Standard Server 8\nhttp://secunia.com/product/2526/\n\nDESCRIPTION:\nSUSE has issued updates for multiple packages. \n\nFor more information:\nSA27313\nSA28076\nSA28129\nSA28228\nSA28327\nSA28358\nSA28384\nSA28444\n\nSOLUTION:\nUpdated packages are available via Yast Online Update or the SUSE FTP\nserver. \n\nORIGINAL ADVISORY:\nhttp://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html\n\nOTHER REFERENCES:\nSA27313:\nhttp://secunia.com/advisories/27313/\n\nSA28076:\nhttp://secunia.com/advisories/28076/\n\nSA28129:\nhttp://secunia.com/advisories/28129/\n\nSA28228:\nhttp://secunia.com/advisories/28228/\n\nSA28327:\nhttp://secunia.com/advisories/28327/\n\nSA28358:\nhttp://secunia.com/advisories/28358/\n\nSA28384:\nhttp://secunia.com/advisories/28384/\n\nSA28444:\nhttp://secunia.com/advisories/28444/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200803-31\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: MIT Kerberos 5: Multiple vulnerabilities\n Date: March 24, 2008\n Bugs: #199205, #212363\n ID: 200803-31\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilites have been found in MIT Kerberos 5, which could\nallow a remote unauthenticated user to execute arbitrary code with root\nprivileges. \n\nBackground\n==========\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos\nnetwork protocol. kadmind is the MIT Kerberos 5 administration daemon,\nKDC is the Key Distribution Center. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-crypt/mit-krb5 < 1.6.3-r1 >= 1.6.3-r1\n\nDescription\n===========\n\n* Two vulnerabilities were found in the Kerberos 4 support in KDC: A\n global variable is not set for some incoming message types, leading\n to a NULL pointer dereference or a double free() (CVE-2008-0062) and\n unused portions of a buffer are not properly cleared when generating\n an error message, which results in stack content being contained in a\n reply (CVE-2008-0063). \n\n* Jeff Altman (Secure Endpoints) discovered a buffer overflow in the\n RPC library server code, used in the kadmin server, caused when too\n many file descriptors are opened (CVE-2008-0947). \n\n* Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI\n library: usage of a freed variable in the gss_indicate_mechs()\n function (CVE-2007-5901) and a double free() vulnerability in the\n gss_krb5int_make_seal_token_v3() function (CVE-2007-5971). \n\nImpact\n======\n\nThe first two vulnerabilities can be exploited by a remote\nunauthenticated attacker to execute arbitrary code on the host running\nkrb5kdc, compromise the Kerberos key database or cause a Denial of\nService. These bugs can only be triggered when Kerberos 4 support is\nenabled. \n\nThe RPC related vulnerability can be exploited by a remote\nunauthenticated attacker to crash kadmind, and theoretically execute\narbitrary code with root privileges or cause database corruption. This\nbug can only be triggered in configurations that allow large numbers of\nopen file descriptors in a process. \n\nThe GSSAPI vulnerabilities could be exploited by a remote attacker to\ncause Denial of Service conditions or possibly execute arbitrary code. \n\nWorkaround\n==========\n\nKerberos 4 support can be disabled via disabling the \"krb4\" USE flag\nand recompiling the ebuild, or setting \"v4_mode=none\" in the\n[kdcdefaults] section of /etc/krb5/kdc.conf. This will only work around\nthe KDC related vulnerabilities. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.6.3-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 3 ] CVE-2008-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062\n [ 4 ] CVE-2008-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063\n [ 5 ] CVE-2008-0947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200803-31.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nDescription\n\n\tA uninitialized vulnerability (CVE-2007-5894)in function reply() in\nftpd.c. \n A dereferencing vulnerability(CVE-2007-5901) in gssapi lib in function\ngss_indicate_mechs(mi\nnorStatus, mechSet) in g_initialize.c and a integer overflow\nvunerability(CVE-2007-5902)\nin rpc lib in function svcauth_gss_get_principal in svc_auth_gss.c. \n\nImpact\n\nReading uninitialized variables can result in unpredictable behavior,\ncrashes, or security holes. \nDereferencing,integer overflow and double free may cause instability and\npotentially crash. \n\nReferences\n==========\n\n [ 1 ] CVE-2007-5894\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894\n [ 2 ] CVE-2007-5901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901\n [ 3 ] CVE-2007-5902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902\n [ 4 ] CVE-2007-5971\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971\n [ 5 ] CVE-2007-5972\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972\n\n\nIII.CREDIT:\n----------\n Venustech AD-LAB discovery this vuln. Thank to all Venustech AD-Lab\nguys. \n\nV.DISCLAIMS:\n-----------\n\nThe information in this bulletin is provided \"AS IS\" without warranty of\nany\nkind. In no event shall we be liable for any damages whatsoever\nincluding direct,\nindirect, incidental, consequential, loss of business profits or special\ndamages. \n\nCopyright 1996-2007 VENUSTECH. All Rights Reserved. Terms of use. \n\nVENUSTECH Security Lab\nVENUSTECH INFORMATION TECHNOLOGY CO.,LTD(http://www.venustech.com.cn)\n\nSecurity\nTrusted {Solution} Provider\nService\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", sources: [ { db: "NVD", id: "CVE-2007-5894", }, { db: "CNNVD", id: "CNNVD-200712-056", }, { db: "BID", id: "26750", }, { db: "VULHUB", id: "VHN-29256", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "64777", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64720", }, { db: "PACKETSTORM", id: "61598", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2007-5894", trust: 2.2, }, { db: "BID", id: "26750", trust: 2, }, { db: "SECUNIA", id: "28636", trust: 1.8, }, { db: "SECUNIA", id: "29457", trust: 1.8, }, { db: "OSVDB", id: "44333", trust: 1.7, }, { db: "NSFOCUS", id: "11249", trust: 0.6, }, { db: "FULLDISC", id: "20071208 MIT KERBEROS 5: MULTIPLE VULNERABILITIES", trust: 0.6, }, { db: "FULLDISC", id: "20071208 VENUSTECH REPORTS OF MIT KRB5 VULNS [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", trust: 0.6, }, { db: "SUSE", id: "SUSE-SR:2008:002", trust: 0.6, }, { db: "BUGTRAQ", id: "20080319 RPSA-2008-0112-1 KRB5 KRB5-SERVER KRB5-SERVICES KRB5-TEST KRB5-WORKSTATION", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200712-056", trust: 0.6, }, { db: "PACKETSTORM", id: "61598", trust: 0.2, }, { db: "VULHUB", id: "VHN-29256", trust: 0.1, }, { db: "PACKETSTORM", id: "62986", trust: 0.1, }, { db: "PACKETSTORM", id: "64777", trust: 0.1, }, { db: "PACKETSTORM", id: "64848", trust: 0.1, }, { db: "SECUNIA", id: "29450", trust: 0.1, }, { db: "PACKETSTORM", id: "64720", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-29256", }, { db: "BID", id: "26750", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "64777", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64720", }, { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-056", }, { db: "NVD", id: "CVE-2007-5894", }, ], }, id: "VAR-200712-0427", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-29256", }, ], trust: 0.01, }, last_update_date: "2024-05-17T21:18:22.630000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2007-5894", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://seclists.org/fulldisclosure/2007/dec/0321.html", }, { trust: 2, url: "http://bugs.gentoo.org/show_bug.cgi?id=199205", }, { trust: 1.8, url: "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/26750", }, { trust: 1.7, url: "http://wiki.rpath.com/advisories:rpsa-2008-0112", }, { trust: 1.7, url: "https://issues.rpath.com/browse/rpl-2012", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2007/dec/0176.html", }, { trust: 1.7, url: "http://osvdb.org/44333", }, { trust: 1.7, url: "http://secunia.com/advisories/28636", }, { trust: 1.7, url: "http://secunia.com/advisories/29457", }, { trust: 1.7, url: "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html", }, { trust: 1.1, url: "http://www.securityfocus.com/archive/1/489883/100/0/threaded", }, { trust: 0.6, url: "http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded", }, { trust: 0.6, url: "http://www.nsfocus.net/vulndb/11249", }, { trust: 0.4, url: "http://rhn.redhat.com/errata/rhsa-2008-0180.html", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199211", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199212", }, { trust: 0.3, url: "http://bugs.gentoo.org/show_bug.cgi?id=199214", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "http://rhn.redhat.com/errata/rhsa-2008-0164.html", }, { trust: 0.3, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.3, url: "https://psi.secunia.com/?page=changelog", }, { trust: 0.3, url: "http://secunia.com/about_secunia_advisories/", }, { trust: 0.3, url: "https://psi.secunia.com/", }, { trust: 0.3, url: "http://secunia.com/secunia_security_advisories/", }, { trust: 0.2, url: "http://secunia.com/advisories/29428/", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5971", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5894", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5901", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5971", }, { trust: 0.1, url: "http://secunia.com/advisories/28358/", }, { trust: 0.1, url: "http://secunia.com/product/1171/", }, { trust: 0.1, url: "http://secunia.com/product/16124/", }, { trust: 0.1, url: "http://secunia.com/product/2001/", }, { trust: 0.1, url: "http://secunia.com/product/13375/", }, { trust: 0.1, url: "http://secunia.com/advisories/28636/", }, { trust: 0.1, url: "http://secunia.com/advisories/28444/", }, { trust: 0.1, url: "http://secunia.com/advisories/27313/", }, { trust: 0.1, url: "http://secunia.com/advisories/28384/", }, { trust: 0.1, url: "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00005.html", }, { trust: 0.1, url: "http://secunia.com/product/2526/", }, { trust: 0.1, url: "http://secunia.com/product/4118/", }, { trust: 0.1, url: "http://secunia.com/advisories/28076/", }, { trust: 0.1, url: "http://secunia.com/advisories/28129/", }, { trust: 0.1, url: "http://secunia.com/advisories/28228/", }, { trust: 0.1, url: "http://secunia.com/product/12192/", }, { trust: 0.1, url: "http://secunia.com/product/10796/", }, { trust: 0.1, url: "http://secunia.com/advisories/28327/", }, { trust: 0.1, url: "http://secunia.com/product/10614/", }, { trust: 0.1, url: "http://secunia.com/advisories/29457/", }, { trust: 0.1, url: "http://bugs.gentoo.org.", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0947", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0947", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-200803-31.xml", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0062", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0063", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0063", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-0062", }, { trust: 0.1, url: "http://secunia.com/product/4669/", }, { trust: 0.1, url: "http://rhn.redhat.com", }, { trust: 0.1, url: "http://secunia.com/product/4668/", }, { trust: 0.1, url: "http://secunia.com/product/4670/", }, { trust: 0.1, url: "http://secunia.com/advisories/29450/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5972", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5894", }, { trust: 0.1, url: "http://www.venustech.com.cn)", }, { trust: 0.1, url: "http://secunia.com/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5901", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5972", }, { trust: 0.1, url: "http://lists.grok.org.uk/full-disclosure-charter.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5902", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2007-5902", }, ], sources: [ { db: "VULHUB", id: "VHN-29256", }, { db: "BID", id: "26750", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "64777", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64720", }, { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-056", }, { db: "NVD", id: "CVE-2007-5894", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-29256", }, { db: "BID", id: "26750", }, { db: "PACKETSTORM", id: "62986", }, { db: "PACKETSTORM", id: "64777", }, { db: "PACKETSTORM", id: "64848", }, { db: "PACKETSTORM", id: "64720", }, { db: "PACKETSTORM", id: "61598", }, { db: "CNNVD", id: "CNNVD-200712-056", }, { db: "NVD", id: "CVE-2007-5894", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2007-12-06T00:00:00", db: "VULHUB", id: "VHN-29256", }, { date: "2007-12-06T00:00:00", db: "BID", id: "26750", }, { date: "2008-01-25T23:58:49", db: "PACKETSTORM", id: "62986", }, { date: "2008-03-20T23:00:48", db: "PACKETSTORM", id: "64777", }, { date: "2008-03-24T22:48:28", db: "PACKETSTORM", id: "64848", }, { date: "2008-03-19T23:10:20", db: "PACKETSTORM", id: "64720", }, { date: "2007-12-08T01:06:55", db: "PACKETSTORM", id: "61598", }, { date: "2007-12-05T00:00:00", db: "CNNVD", id: "CNNVD-200712-056", }, { date: "2007-12-06T02:46:00", db: "NVD", id: "CVE-2007-5894", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-21T00:00:00", db: "VULHUB", id: "VHN-29256", }, { date: "2015-04-13T21:56:00", db: "BID", id: "26750", }, { date: "2007-12-06T00:00:00", db: "CNNVD", id: "CNNVD-200712-056", }, { date: "2024-05-17T00:36:24.203000", db: "NVD", id: "CVE-2007-5894", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200712-056", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos Multiple Memory Corruption Vulnerabilities", sources: [ { db: "BID", id: "26750", }, { db: "CNNVD", id: "CNNVD-200712-056", }, ], trust: 0.9, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-200712-056", }, ], trust: 0.6, }, }
var-201408-0300
Vulnerability from variot
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands. MIT kerberos 5 is prone to a buffer overflow vulnerability due to a out-of-bounds write memory access condition. Attackers can exploit this issue to execute arbitrary code within the context of the user. Failed attempts will likely cause a denial-of-service condition. MIT kerberos 5 1.6 through 1.12.1 are vulnerable.
CVE-2014-4343
An unauthenticated remote attacker with the ability to spoof packets
appearing to be from a GSSAPI acceptor can cause a double-free
condition in GSSAPI initiators (clients) which are using the SPNEGO
mechanism, by returning a different underlying mechanism than was
proposed by the initiator.
CVE-2014-4344
An unauthenticated or partially authenticated remote attacker can
cause a NULL dereference and application crash during a SPNEGO
negotiation by sending an empty token as the second or later context
token from initiator to acceptor.
For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2.
For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. ========================================================================== Ubuntu Security Notice USN-2310-1 August 11, 2014
krb5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Kerberos. This issue only affected Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2014-4344)
Tomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon incorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: krb5-admin-server 1.12+dfsg-2ubuntu4.2 krb5-kdc 1.12+dfsg-2ubuntu4.2 krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2 krb5-otp 1.12+dfsg-2ubuntu4.2 krb5-pkinit 1.12+dfsg-2ubuntu4.2 krb5-user 1.12+dfsg-2ubuntu4.2 libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2 libgssrpc4 1.12+dfsg-2ubuntu4.2 libk5crypto3 1.12+dfsg-2ubuntu4.2 libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2 libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2 libkdb5-7 1.12+dfsg-2ubuntu4.2 libkrad0 1.12+dfsg-2ubuntu4.2 libkrb5-3 1.12+dfsg-2ubuntu4.2 libkrb5support0 1.12+dfsg-2ubuntu4.2
Ubuntu 12.04 LTS: krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5 krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5 krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5 krb5-user 1.10+dfsg~beta1-2ubuntu0.5 libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5 libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5 libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5 libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5 libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5 libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5 libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5
Ubuntu 10.04 LTS: krb5-admin-server 1.8.1+dfsg-2ubuntu0.13 krb5-kdc 1.8.1+dfsg-2ubuntu0.13 krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13 krb5-pkinit 1.8.1+dfsg-2ubuntu0.13 krb5-user 1.8.1+dfsg-2ubuntu0.13 libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13 libgssrpc4 1.8.1+dfsg-2ubuntu0.13 libk5crypto3 1.8.1+dfsg-2ubuntu0.13 libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13 libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13 libkdb5-4 1.8.1+dfsg-2ubuntu0.13 libkrb5-3 1.8.1+dfsg-2ubuntu0.13 libkrb5support0 1.8.1+dfsg-2ubuntu0.13
In general, a standard system update will make all the necessary changes.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345 http://advisories.mageia.org/MGASA-2014-0345.html
Updated Packages:
Mandriva Business Server 1/X86_64: 3d717913ec53cd745cbaa0ea46321815 mbs1/x86_64/krb5-1.9.2-3.5.mbs1.x86_64.rpm e11b2338f4265d9241013211644543d9 mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.5.mbs1.x86_64.rpm 3dd7ce5af9b798a3be7fb22f3598e3a7 mbs1/x86_64/krb5-server-1.9.2-3.5.mbs1.x86_64.rpm a86c6a16fa6091672020b97d5873fc7f mbs1/x86_64/krb5-server-ldap-1.9.2-3.5.mbs1.x86_64.rpm c56d0f9b2f4f5b7145db65efd8d3627f mbs1/x86_64/krb5-workstation-1.9.2-3.5.mbs1.x86_64.rpm 67a0a6fc9192328cedd811db760089b4 mbs1/x86_64/lib64krb53-1.9.2-3.5.mbs1.x86_64.rpm ff121251269cab55a574bc5a06c739b0 mbs1/x86_64/lib64krb53-devel-1.9.2-3.5.mbs1.x86_64.rpm 0308ef62a73141b5f0915251796608c7 mbs1/SRPMS/krb5-1.9.2-3.5.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
MITKRB5-SA-2014-001
MIT krb5 Security Advisory 2014-001 Original release: 2014-08-07 Last update: 2014-08-07
Topic: Buffer overrun in kadmind with LDAP backend
CVSSv2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C
CVSSv2 Base Score: 8.5
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
CVSSv2 Temporal Score: 6.7
Exploitability: Proof-of-Concept Remediation Level: Official Fix Report Confidence: Confirmed
SUMMARY
In MIT krb5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow). This is not a protocol vulnerability. Using LDAP for the KDC database is a non-default configuration for the KDC.
IMPACT
Historically, it has been possible to convert an out-of-bounds write into remote code execution in some cases, though the necessary exploits must be tailored to the individual application and are usually quite complicated. Depending on the allocated length of the array, an out-of-bounds write may also cause a segmentation fault and/or application crash.
AFFECTED SOFTWARE
- The kadmind daemon from MIT krb5 releases 1.6 to 1.12.2, when configured to use the LDAP backend for the KDB, is vulnerable. Releases of MIT krb5 prior to 1.6 did not provide the ability to use LDAP for the KDB backend.
FIXES
-
Workaround: disable or restrict access to kadmind until a patched version can be installed. This will prevent principal creation, password changes, keytab updates, and other administrative operations.
-
The krb5-1.12.2 and krb5-1.11.6 releases will contain a fix for this vulnerability.
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index ce851ea..df5934c 100644 - --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -456,7 +456,8 @@ krb5_encode_krbsecretkey(krb5_key_data *key_data_in, int n_key_data, j++; last = i + 1;
-
- currkvno = key_data[i].key_data_kvno;
- if (i < n_key_data - 1)
- currkvno = key_data[i + 1].key_data_kvno; } } ret[num_versions] = NULL;
This patch is also available at
http://web.mit.edu/kerberos/advisories/2014-001-patch.txt
A PGP-signed patch is available at
http://web.mit.edu/kerberos/advisories/2014-001-patch.txt.asc
REFERENCES
This announcement is posted at:
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt
This announcement and related security advisories may be found on the MIT Kerberos security advisory page at:
http://web.mit.edu/kerberos/advisories/index.html
The main MIT Kerberos web page is at:
http://web.mit.edu/kerberos/index.html
CVSSv2:
http://www.first.org/cvss/cvss-guide.html
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2
CVE: CVE-2014-4345 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
ACKNOWLEDGMENTS
This off-by-one error was reported by Tomas Kuthan as github pull request #181 and recognized as a vulnerability by Greg Hudson. When sending sensitive information, please PGP-encrypt it using the following key:
pub 2048R/C436A9C6 2014-01-07 [expires: 2015-02-01] Key fingerprint = 1849 02FF 0CA8 A385 F28D 2E7E 2AF0 C1EA C436 A9C6 uid MIT Kerberos Team Security Contact krbcore-security@mit.edu
DETAILS
The 'cpw -keepold' functionality allows for the existing keys to be retained at password-change (or keytab-change) time, instead of being discarded as usual. An array must be allocated to store all the old keys, as well as the new keys and a NULL terminator. In normal operation, all the keys for a single kvno will share an array slot. An off-by-one error while copying key information to the new array results in keys sharing a common kvno being written to different array buckets, with the first key of a kvno betting a single bucket, and the remaining keys getting the next bucket. After sufficient iterations, the extra writes extend past the end of the (NULL-terminated) array. The NULL terminator is always written after the end of the loop, so no out-of-bounds data is read, it is only written.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/mit-krb5 < 1.13 >= 1.13
Description
Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All MIT Kerberos 5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.13"
References
[ 1 ] CVE-2014-4341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4341 [ 2 ] CVE-2014-4343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4343 [ 3 ] CVE-2014-4345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345 [ 4 ] CVE-2014-5351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5351
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-53.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: krb5 security, bug fix and enhancement update Advisory ID: RHSA-2015:0439-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html Issue date: 2015-03-05 CVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 =====================================================================
- Summary:
Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)
A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. (CVE-2014-4345)
A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352)
If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421)
It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)
An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423)
Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)
Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352.
The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including:
-
Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts.
-
When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995)
This update also fixes multiple bugs, for example:
- The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102)
In addition, this update adds various enhancements. Among others:
-
Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)
-
Solution:
All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
ppc64: krb5-debuginfo-1.12.2-14.el7.ppc.rpm krb5-debuginfo-1.12.2-14.el7.ppc64.rpm krb5-devel-1.12.2-14.el7.ppc.rpm krb5-devel-1.12.2-14.el7.ppc64.rpm krb5-libs-1.12.2-14.el7.ppc.rpm krb5-libs-1.12.2-14.el7.ppc64.rpm krb5-pkinit-1.12.2-14.el7.ppc64.rpm krb5-server-1.12.2-14.el7.ppc64.rpm krb5-server-ldap-1.12.2-14.el7.ppc64.rpm krb5-workstation-1.12.2-14.el7.ppc64.rpm
s390x: krb5-debuginfo-1.12.2-14.el7.s390.rpm krb5-debuginfo-1.12.2-14.el7.s390x.rpm krb5-devel-1.12.2-14.el7.s390.rpm krb5-devel-1.12.2-14.el7.s390x.rpm krb5-libs-1.12.2-14.el7.s390.rpm krb5-libs-1.12.2-14.el7.s390x.rpm krb5-pkinit-1.12.2-14.el7.s390x.rpm krb5-server-1.12.2-14.el7.s390x.rpm krb5-server-ldap-1.12.2-14.el7.s390x.rpm krb5-workstation-1.12.2-14.el7.s390x.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: krb5-1.12.2-14.el7.src.rpm
x86_64: krb5-debuginfo-1.12.2-14.el7.i686.rpm krb5-debuginfo-1.12.2-14.el7.x86_64.rpm krb5-devel-1.12.2-14.el7.i686.rpm krb5-devel-1.12.2-14.el7.x86_64.rpm krb5-libs-1.12.2-14.el7.i686.rpm krb5-libs-1.12.2-14.el7.x86_64.rpm krb5-pkinit-1.12.2-14.el7.x86_64.rpm krb5-server-1.12.2-14.el7.x86_64.rpm krb5-server-ldap-1.12.2-14.el7.x86_64.rpm krb5-workstation-1.12.2-14.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-4341 https://access.redhat.com/security/cve/CVE-2014-4342 https://access.redhat.com/security/cve/CVE-2014-4343 https://access.redhat.com/security/cve/CVE-2014-4344 https://access.redhat.com/security/cve/CVE-2014-4345 https://access.redhat.com/security/cve/CVE-2014-5352 https://access.redhat.com/security/cve/CVE-2014-5353 https://access.redhat.com/security/cve/CVE-2014-9421 https://access.redhat.com/security/cve/CVE-2014-9422 https://access.redhat.com/security/cve/CVE-2014-9423 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi gZD8EL2lSaLXnIQxca8zLTg= =aK0y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64
It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)
These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201408-0300", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.6.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.12.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.5", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.7", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.6", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.10.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.11.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.4", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.7.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.9.2", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.6.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.6", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.8.5", }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "1.6.x from 1.11.x", }, { model: "kerberos", scope: "lt", trust: 0.8, vendor: "mit kerberos", version: "1.12.x", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.11.6", }, { model: "kerberos", scope: "eq", trust: 0.8, vendor: "mit kerberos", version: "5 1.12.2", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.10.3", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.9.2", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.12", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.11.5", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.11.4", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.10.2", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.12.1", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.11.3", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.10.1", }, { model: "kerberos", scope: "eq", trust: 0.6, vendor: "mit", version: "5-1.10", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "3.0", }, { model: "big-ip wom hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip gtm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.11.4", }, { model: "big-ip webaccelerator hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip gtm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip link controller hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-iq device", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip asm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "linux enterprise software development kit sp3", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "krb5", scope: "eq", trust: 0.3, vendor: "mit", version: "1.12.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.10.1", }, { model: "big-ip ltm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.8.3", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip webaccelerator hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.0", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.1", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.40", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.4", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.10.3", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip ltm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip link controller hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip link controller hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "communications webrtc session controller", scope: "eq", trust: 0.3, vendor: "oracle", version: "7.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.3", }, { model: "linux enterprise server sp3 for vmware", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "big-ip asm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.2", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.9", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip gtm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.12", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip ltm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip analytics hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.8.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.11", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip link controller hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "big-iq device", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip ltm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip asm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0.0", }, { model: "big-ip psm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip gtm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip psm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip asm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.9.2", }, { model: "cms r17", scope: null, trust: 0.3, vendor: "avaya", version: null, }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.9.3", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "7", }, { model: "big-ip link controller hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip edge gateway hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.1", }, { model: "big-ip webaccelerator hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "linux enterprise server sp3", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "big-ip afm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip wom hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "big-ip link controller hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip edge gateway hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "aura conferencing", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.10.2", }, { model: "big-ip psm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip webaccelerator hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip wom hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.8.5", }, { model: "big-ip analytics 11.0.0-hf2", scope: null, trust: 0.3, vendor: "f5", version: null, }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip afm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.11.3", }, { model: "big-ip asm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "one-x client enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "big-ip analytics hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip analytics hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip edge gateway hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.1", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "5", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip psm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.9.1", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1x8664", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "aura collaboration environment", scope: "eq", trust: 0.3, vendor: "avaya", version: "2.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.10", }, { model: "linux enterprise desktop sp3", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "big-ip asm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "bladecenter advanced management module 3.66g", scope: null, trust: 0.3, vendor: "ibm", version: null, }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip link controller hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip apm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "krb5", scope: "ne", trust: 0.3, vendor: "mit", version: "1.12.2", }, { model: "big-ip gtm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.0", }, { model: "big-ip link controller hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "big-ip wom hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.7.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.8.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.11.5", }, { model: "big-ip asm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.00", }, { model: "big-ip analytics hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.12.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.7", }, { model: "big-ip gtm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.1", }, { model: "big-ip webaccelerator hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip gtm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.3.3", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip link controller hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip asm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "kerberos", scope: "ne", trust: 0.3, vendor: "mit", version: "51.11.6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.11.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.8.4", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip psm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "solaris", scope: "ne", trust: 0.3, vendor: "oracle", version: "11.2.4.6.0", }, { model: "big-ip apm hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.10.4", }, { model: "big-ip analytics hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.11.1", }, { model: "big-ip psm hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "centos", scope: "eq", trust: 0.3, vendor: "centos", version: "5", }, { model: "big-ip asm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.2", }, { model: "big-ip edge gateway", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "big-ip webaccelerator hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "oracle", version: "11.2", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "45-1.9.4", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip apm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6", }, { model: "arx", scope: "eq", trust: 0.3, vendor: "f5", version: "6.1", }, { model: "big-ip analytics hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.2", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0.00", }, { model: "big-ip asm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip ltm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.8.2", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.0", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "55-1.8", }, { model: "big-ip analytics hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip wom", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "2.3", }, { model: "big-ip psm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip gtm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-iq cloud", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip ltm hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip apm hf2", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.0", }, { model: "big-ip wom hf1", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.6.1", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip analytics hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "big-ip apm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "communications webrtc session controller", scope: "eq", trust: 0.3, vendor: "oracle", version: "7.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip pem", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5", }, { model: "big-ip gtm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "big-iq security", scope: "eq", trust: 0.3, vendor: "f5", version: "4.1", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.4", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0.00", }, { model: "big-ip link controller", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "communications webrtc session controller", scope: "eq", trust: 0.3, vendor: "oracle", version: "7.2", }, { model: "big-ip link controller hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2", }, { model: "big-ip gtm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "ip office application server", scope: "eq", trust: 0.3, vendor: "avaya", version: "9.0", }, { model: "big-ip psm hf5", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.1.1", }, { model: "big-ip analytics", scope: "eq", trust: 0.3, vendor: "f5", version: "11.4.1", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise manager", scope: "eq", trust: 0.3, vendor: "f5", version: "3.1", }, { model: "big-ip pem hf4", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3.0", }, { model: "big-ip edge gateway hf7", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1.0", }, { model: "big-ip ltm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.0", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "10.2.1", }, { model: "big-ip webaccelerator", scope: "eq", trust: 0.3, vendor: "f5", version: "11.3", }, { model: "big-ip edge gateway hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip aam", scope: "eq", trust: 0.3, vendor: "f5", version: "11.6.0", }, { model: "big-ip psm hf3", scope: "eq", trust: 0.3, vendor: "f5", version: "11.2.1", }, { model: "big-ip psm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.1", }, { model: "big-ip asm", scope: "eq", trust: 0.3, vendor: "f5", version: "11.5.1", }, ], sources: [ { db: "BID", id: "69168", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "CNNVD", id: "CNNVD-201408-122", }, { db: "NVD", id: "CVE-2014-4345", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-4345", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Tomas Kuthan", sources: [ { db: "BID", id: "69168", }, ], trust: 0.3, }, cve: "CVE-2014-4345", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 8.5, confidentialityImpact: "COMPLETE", exploitabilityScore: 6.8, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 8.5, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2014-4345", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-4345", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201408-122", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2014-4345", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-4345", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "CNNVD", id: "CNNVD-201408-122", }, { db: "NVD", id: "CVE-2014-4345", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of \"cpw -keepold\" commands. MIT kerberos 5 is prone to a buffer overflow vulnerability due to a out-of-bounds write memory access condition. \nAttackers can exploit this issue to execute arbitrary code within the context of the user. Failed attempts will likely cause a denial-of-service condition. \nMIT kerberos 5 1.6 through 1.12.1 are vulnerable. \n\nCVE-2014-4343\n\n An unauthenticated remote attacker with the ability to spoof packets\n appearing to be from a GSSAPI acceptor can cause a double-free\n condition in GSSAPI initiators (clients) which are using the SPNEGO\n mechanism, by returning a different underlying mechanism than was\n proposed by the initiator. \n\nCVE-2014-4344\n\n An unauthenticated or partially authenticated remote attacker can\n cause a NULL dereference and application crash during a SPNEGO\n negotiation by sending an empty token as the second or later context\n token from initiator to acceptor. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.10.1+dfsg-5+deb7u2. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.1+dfsg-7. ==========================================================================\nUbuntu Security Notice USN-2310-1\nAugust 11, 2014\n\nkrb5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Kerberos. This issue only affected Ubuntu\n12.04 LTS. This\nissue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. This issue only affected\nUbuntu 10.04 LTS and Ubuntu 12.04 LTS. \nThis issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. \n(CVE-2014-4344)\n\nTomas Kuthan and Greg Hudson discovered that the Kerberos kadmind daemon\nincorrectly handled buffers when used with the LDAP backend. (CVE-2014-4345)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n krb5-admin-server 1.12+dfsg-2ubuntu4.2\n krb5-kdc 1.12+dfsg-2ubuntu4.2\n krb5-kdc-ldap 1.12+dfsg-2ubuntu4.2\n krb5-otp 1.12+dfsg-2ubuntu4.2\n krb5-pkinit 1.12+dfsg-2ubuntu4.2\n krb5-user 1.12+dfsg-2ubuntu4.2\n libgssapi-krb5-2 1.12+dfsg-2ubuntu4.2\n libgssrpc4 1.12+dfsg-2ubuntu4.2\n libk5crypto3 1.12+dfsg-2ubuntu4.2\n libkadm5clnt-mit9 1.12+dfsg-2ubuntu4.2\n libkadm5srv-mit9 1.12+dfsg-2ubuntu4.2\n libkdb5-7 1.12+dfsg-2ubuntu4.2\n libkrad0 1.12+dfsg-2ubuntu4.2\n libkrb5-3 1.12+dfsg-2ubuntu4.2\n libkrb5support0 1.12+dfsg-2ubuntu4.2\n\nUbuntu 12.04 LTS:\n krb5-admin-server 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc 1.10+dfsg~beta1-2ubuntu0.5\n krb5-kdc-ldap 1.10+dfsg~beta1-2ubuntu0.5\n krb5-pkinit 1.10+dfsg~beta1-2ubuntu0.5\n krb5-user 1.10+dfsg~beta1-2ubuntu0.5\n libgssapi-krb5-2 1.10+dfsg~beta1-2ubuntu0.5\n libgssrpc4 1.10+dfsg~beta1-2ubuntu0.5\n libk5crypto3 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5clnt-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkadm5srv-mit8 1.10+dfsg~beta1-2ubuntu0.5\n libkdb5-6 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5-3 1.10+dfsg~beta1-2ubuntu0.5\n libkrb5support0 1.10+dfsg~beta1-2ubuntu0.5\n\nUbuntu 10.04 LTS:\n krb5-admin-server 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc 1.8.1+dfsg-2ubuntu0.13\n krb5-kdc-ldap 1.8.1+dfsg-2ubuntu0.13\n krb5-pkinit 1.8.1+dfsg-2ubuntu0.13\n krb5-user 1.8.1+dfsg-2ubuntu0.13\n libgssapi-krb5-2 1.8.1+dfsg-2ubuntu0.13\n libgssrpc4 1.8.1+dfsg-2ubuntu0.13\n libk5crypto3 1.8.1+dfsg-2ubuntu0.13\n libkadm5clnt-mit7 1.8.1+dfsg-2ubuntu0.13\n libkadm5srv-mit7 1.8.1+dfsg-2ubuntu0.13\n libkdb5-4 1.8.1+dfsg-2ubuntu0.13\n libkrb5-3 1.8.1+dfsg-2ubuntu0.13\n libkrb5support0 1.8.1+dfsg-2ubuntu0.13\n\nIn general, a standard system update will make all the necessary changes. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345\n http://advisories.mageia.org/MGASA-2014-0345.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 3d717913ec53cd745cbaa0ea46321815 mbs1/x86_64/krb5-1.9.2-3.5.mbs1.x86_64.rpm\n e11b2338f4265d9241013211644543d9 mbs1/x86_64/krb5-pkinit-openssl-1.9.2-3.5.mbs1.x86_64.rpm\n 3dd7ce5af9b798a3be7fb22f3598e3a7 mbs1/x86_64/krb5-server-1.9.2-3.5.mbs1.x86_64.rpm\n a86c6a16fa6091672020b97d5873fc7f mbs1/x86_64/krb5-server-ldap-1.9.2-3.5.mbs1.x86_64.rpm\n c56d0f9b2f4f5b7145db65efd8d3627f mbs1/x86_64/krb5-workstation-1.9.2-3.5.mbs1.x86_64.rpm\n 67a0a6fc9192328cedd811db760089b4 mbs1/x86_64/lib64krb53-1.9.2-3.5.mbs1.x86_64.rpm\n ff121251269cab55a574bc5a06c739b0 mbs1/x86_64/lib64krb53-devel-1.9.2-3.5.mbs1.x86_64.rpm \n 0308ef62a73141b5f0915251796608c7 mbs1/SRPMS/krb5-1.9.2-3.5.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nMITKRB5-SA-2014-001\n\nMIT krb5 Security Advisory 2014-001\nOriginal release: 2014-08-07\nLast update: 2014-08-07\n\nTopic: Buffer overrun in kadmind with LDAP backend\n\nCVSSv2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C\n\nCVSSv2 Base Score: 8.5\n\nAccess Vector: Network\nAccess Complexity: Medium\nAuthentication: Single\nConfidentiality Impact: Complete\nIntegrity Impact: Complete\nAvailability Impact: Complete\n\nCVSSv2 Temporal Score: 6.7\n\nExploitability: Proof-of-Concept\nRemediation Level: Official Fix\nReport Confidence: Confirmed\n\nSUMMARY\n=======\n\nIn MIT krb5, when kadmind is configured to use LDAP for the KDC\ndatabase, an authenticated remote attacker can cause it to perform an\nout-of-bounds write (buffer overflow). This is not a protocol\nvulnerability. Using LDAP for the KDC database is a non-default\nconfiguration for the KDC. \n\nIMPACT\n======\n\nHistorically, it has been possible to convert an out-of-bounds write\ninto remote code execution in some cases, though the necessary exploits\nmust be tailored to the individual application and are usually quite\ncomplicated. Depending on the allocated length of the array, an\nout-of-bounds write may also cause a segmentation fault and/or\napplication crash. \n\nAFFECTED SOFTWARE\n=================\n\n* The kadmind daemon from MIT krb5 releases 1.6 to 1.12.2, when\n configured to use the LDAP backend for the KDB, is vulnerable. \n Releases of MIT krb5 prior to 1.6 did not provide the ability to use\n LDAP for the KDB backend. \n\nFIXES\n=====\n\n* Workaround: disable or restrict access to kadmind until a patched\n version can be installed. This will prevent principal creation,\n password changes, keytab updates, and other administrative operations. \n\n* The krb5-1.12.2 and krb5-1.11.6 releases will contain a fix for this\n vulnerability. \n\ndiff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c\nindex ce851ea..df5934c 100644\n- --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c\n+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c\n@@ -456,7 +456,8 @@ krb5_encode_krbsecretkey(krb5_key_data *key_data_in, int n_key_data,\n j++;\n last = i + 1;\n\n- - currkvno = key_data[i].key_data_kvno;\n+ if (i < n_key_data - 1)\n+ currkvno = key_data[i + 1].key_data_kvno;\n }\n }\n ret[num_versions] = NULL;\n\n This patch is also available at\n\n http://web.mit.edu/kerberos/advisories/2014-001-patch.txt\n\n A PGP-signed patch is available at\n\n http://web.mit.edu/kerberos/advisories/2014-001-patch.txt.asc\n\nREFERENCES\n==========\n\nThis announcement is posted at:\n\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt\n\nThis announcement and related security advisories may be found on the\nMIT Kerberos security advisory page at:\n\n http://web.mit.edu/kerberos/advisories/index.html\n\nThe main MIT Kerberos web page is at:\n\n http://web.mit.edu/kerberos/index.html\n\nCVSSv2:\n\n http://www.first.org/cvss/cvss-guide.html\n http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\nCVE: CVE-2014-4345\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345\n\nACKNOWLEDGMENTS\n===============\n\nThis off-by-one error was reported by Tomas Kuthan as github pull\nrequest #181 and recognized as a vulnerability by Greg Hudson. When sending sensitive information,\nplease PGP-encrypt it using the following key:\n\npub 2048R/C436A9C6 2014-01-07 [expires: 2015-02-01]\n Key fingerprint = 1849 02FF 0CA8 A385 F28D 2E7E 2AF0 C1EA C436 A9C6\nuid MIT Kerberos Team Security Contact <krbcore-security@mit.edu>\n\nDETAILS\n=======\n\nThe 'cpw -keepold' functionality allows for the existing keys to be\nretained at password-change (or keytab-change) time, instead of being\ndiscarded as usual. An array must be allocated to store all the old\nkeys, as well as the new keys and a NULL terminator. In normal\noperation, all the keys for a single kvno will share an array slot. An\noff-by-one error while copying key information to the new array results\nin keys sharing a common kvno being written to different array buckets,\nwith the first key of a kvno betting a single bucket, and the remaining\nkeys getting the next bucket. After sufficient iterations, the extra\nwrites extend past the end of the (NULL-terminated) array. The NULL\nterminator is always written after the end of the loop, so no\nout-of-bounds data is read, it is only written. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-crypt/mit-krb5 < 1.13 >= 1.13 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in MIT Kerberos 5. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.13\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-4341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4341\n[ 2 ] CVE-2014-4343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4343\n[ 3 ] CVE-2014-4345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345\n[ 4 ] CVE-2014-5351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5351\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-53.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: krb5 security, bug fix and enhancement update\nAdvisory ID: RHSA-2015:0439-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0439.html\nIssue date: 2015-03-05\nCVE Names: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 \n CVE-2014-4344 CVE-2014-4345 CVE-2014-5352 \n CVE-2014-5353 CVE-2014-9421 CVE-2014-9422 \n CVE-2014-9423 \n=====================================================================\n\n1. Summary:\n\nUpdated krb5 packages that fix multiple security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\nKerberos is a networked authentication system which allows clients and\nservers to authenticate to each other with the help of a trusted third\nparty, the Kerberos KDC. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nA NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO\nacceptor for continuation tokens. A remote, unauthenticated attacker could\nuse this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)\n\nA buffer overflow was found in the KADM5 administration server (kadmind)\nwhen it was used with an LDAP back end for the KDC database. (CVE-2014-4345)\n\nA use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5\nlibrary processed valid context deletion tokens. An attacker able to make\nan application using the GSS-API library (libgssapi) call the\ngss_process_context_token() function could use this flaw to crash that\napplication. (CVE-2014-5352)\n\nIf kadmind were used with an LDAP back end for the KDC database, a remote,\nauthenticated attacker with the permissions to set the password policy\ncould crash kadmind by attempting to use a named ticket policy object as a\npassword policy for a principal. (CVE-2014-5353)\n\nA double-free flaw was found in the way MIT Kerberos handled invalid\nExternal Data Representation (XDR) data. An authenticated user could use\nthis flaw to crash the MIT Kerberos administration server (kadmind), or\nother applications using Kerberos libraries, using specially crafted XDR\npackets. (CVE-2014-9421)\n\nIt was found that the MIT Kerberos administration server (kadmind)\nincorrectly accepted certain authentication requests for two-component\nserver principal names. A remote attacker able to acquire a key with a\nparticularly named principal (such as \"kad/x\") could use this flaw to\nimpersonate any user to kadmind, and perform administrative actions as that\nuser. (CVE-2014-9422)\n\nAn information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS\nimplementation (libgssrpc) handled certain requests. An attacker could send\na specially crafted request to an application using libgssrpc to disclose a\nlimited portion of uninitialized memory used by that application. \n(CVE-2014-9423)\n\nTwo buffer over-read flaws were found in the way MIT Kerberos handled\ncertain requests. A remote, unauthenticated attacker able to inject packets\ninto a client or server application's GSSAPI session could use either of\nthese flaws to crash the application. An\nattacker able to spoof packets to appear as though they are from an GSSAPI\nacceptor could use this flaw to crash a client application that uses MIT\nKerberos. (CVE-2014-4343)\n\nRed Hat would like to thank the MIT Kerberos project for reporting the\nCVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT\nKerberos project acknowledges Nico Williams for helping with the analysis\nof CVE-2014-5352. \n\nThe krb5 packages have been upgraded to upstream version 1.12, which\nprovides a number of bug fixes and enhancements, including:\n\n* Added plug-in interfaces for principal-to-username mapping and verifying\nauthorization to user accounts. \n\n* When communicating with a KDC over a connected TCP or HTTPS socket, the\nclient gives the KDC more time to reply before it transmits the request to\nanother server. (BZ#1049709, BZ#1127995)\n\nThis update also fixes multiple bugs, for example:\n\n* The Kerberos client library did not recognize certain exit statuses that\nthe resolver libraries could return when looking up the addresses of\nservers configured in the /etc/krb5.conf file or locating Kerberos servers\nusing DNS service location. The library could treat non-fatal return codes\nas fatal errors. Now, the library interprets the specific return codes\ncorrectly. (BZ#1084068, BZ#1109102)\n\nIn addition, this update adds various enhancements. Among others:\n\n* Added support for contacting KDCs and kpasswd servers through HTTPS\nproxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)\n\n4. Solution:\n\nAll krb5 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1084068 - ipv6 address handling in krb5.conf\n1102837 - Please backport improved GSSAPI mech configuration\n1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly\n1109919 - Backport https support into libkrb5\n1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext\n1118347 - ksu non-functional, gets invalid argument copying cred cache\n1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens\n1121789 - CVE-2014-4343: use-after-free crash in SPNEGO\n1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators\n1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens\n1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure\n1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)\n1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update\n1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name\n1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)\n1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)\n1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)\n1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)\n1184629 - kinit loops on principals on unknown error\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nppc64:\nkrb5-debuginfo-1.12.2-14.el7.ppc.rpm\nkrb5-debuginfo-1.12.2-14.el7.ppc64.rpm\nkrb5-devel-1.12.2-14.el7.ppc.rpm\nkrb5-devel-1.12.2-14.el7.ppc64.rpm\nkrb5-libs-1.12.2-14.el7.ppc.rpm\nkrb5-libs-1.12.2-14.el7.ppc64.rpm\nkrb5-pkinit-1.12.2-14.el7.ppc64.rpm\nkrb5-server-1.12.2-14.el7.ppc64.rpm\nkrb5-server-ldap-1.12.2-14.el7.ppc64.rpm\nkrb5-workstation-1.12.2-14.el7.ppc64.rpm\n\ns390x:\nkrb5-debuginfo-1.12.2-14.el7.s390.rpm\nkrb5-debuginfo-1.12.2-14.el7.s390x.rpm\nkrb5-devel-1.12.2-14.el7.s390.rpm\nkrb5-devel-1.12.2-14.el7.s390x.rpm\nkrb5-libs-1.12.2-14.el7.s390.rpm\nkrb5-libs-1.12.2-14.el7.s390x.rpm\nkrb5-pkinit-1.12.2-14.el7.s390x.rpm\nkrb5-server-1.12.2-14.el7.s390x.rpm\nkrb5-server-ldap-1.12.2-14.el7.s390x.rpm\nkrb5-workstation-1.12.2-14.el7.s390x.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkrb5-1.12.2-14.el7.src.rpm\n\nx86_64:\nkrb5-debuginfo-1.12.2-14.el7.i686.rpm\nkrb5-debuginfo-1.12.2-14.el7.x86_64.rpm\nkrb5-devel-1.12.2-14.el7.i686.rpm\nkrb5-devel-1.12.2-14.el7.x86_64.rpm\nkrb5-libs-1.12.2-14.el7.i686.rpm\nkrb5-libs-1.12.2-14.el7.x86_64.rpm\nkrb5-pkinit-1.12.2-14.el7.x86_64.rpm\nkrb5-server-1.12.2-14.el7.x86_64.rpm\nkrb5-server-ldap-1.12.2-14.el7.x86_64.rpm\nkrb5-workstation-1.12.2-14.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-4341\nhttps://access.redhat.com/security/cve/CVE-2014-4342\nhttps://access.redhat.com/security/cve/CVE-2014-4343\nhttps://access.redhat.com/security/cve/CVE-2014-4344\nhttps://access.redhat.com/security/cve/CVE-2014-4345\nhttps://access.redhat.com/security/cve/CVE-2014-5352\nhttps://access.redhat.com/security/cve/CVE-2014-5353\nhttps://access.redhat.com/security/cve/CVE-2014-9421\nhttps://access.redhat.com/security/cve/CVE-2014-9422\nhttps://access.redhat.com/security/cve/CVE-2014-9423\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU+GoxXlSAg2UNWIIRAtkZAJ9PYyHLsR1t+YWgqw4jb4XTtX8iuACgkxfi\ngZD8EL2lSaLXnIQxca8zLTg=\n=aK0y\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6) - i386, x86_64\n\n3. \n\nIt was found that if a KDC served multiple realms, certain requests could\ncause the setup_server_realm() function to dereference a NULL pointer. (CVE-2014-4343)\n\nThese updated krb5 packages also include several bug fixes. Space precludes\ndocumenting all of these changes in this advisory. Users are directed to\nthe Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the\nReferences section, for information on the most significant of these\nchanges", sources: [ { db: "NVD", id: "CVE-2014-4345", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "BID", id: "69168", }, { db: "VULMON", id: "CVE-2014-4345", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "127832", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, ], trust: 2.61, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-4345", trust: 3.5, }, { db: "BID", id: "69168", trust: 2, }, { db: "JUNIPER", id: "JSA10705", trust: 1.7, }, { db: "SECTRACK", id: "1030705", trust: 1.7, }, { db: "SECUNIA", id: "60535", trust: 1.7, }, { db: "SECUNIA", id: "61353", trust: 1.7, }, { db: "SECUNIA", id: "61314", trust: 1.7, }, { db: "SECUNIA", id: "59102", trust: 1.7, }, { db: "SECUNIA", id: "60776", trust: 1.7, }, { db: "SECUNIA", id: "59993", trust: 1.7, }, { db: "SECUNIA", id: "59415", trust: 1.7, }, { db: "OSVDB", id: "109908", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2014-003820", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201408-122", trust: 0.6, }, { db: "VULMON", id: "CVE-2014-4345", trust: 0.1, }, { db: "PACKETSTORM", id: "127813", trust: 0.1, }, { db: "PACKETSTORM", id: "127825", trust: 0.1, }, { db: "PACKETSTORM", id: "128077", trust: 0.1, }, { db: "PACKETSTORM", id: "127832", trust: 0.1, }, { db: "PACKETSTORM", id: "129774", trust: 0.1, }, { db: "PACKETSTORM", id: "130669", trust: 0.1, }, { db: "PACKETSTORM", id: "128660", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-4345", }, { db: "BID", id: "69168", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "127832", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201408-122", }, { db: "NVD", id: "CVE-2014-4345", }, ], }, id: "VAR-201408-0300", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4440100783333334, }, last_update_date: "2024-07-23T19:28:23.568000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Fix LDAP key data segmentation [CVE-2014-4345]", trust: 0.8, url: "https://github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1", }, { title: "MITKRB5-SA-2014-001", trust: 0.8, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2014-001.txt", }, { title: "RHSA-2015:0439", trust: 0.8, url: "https://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { title: "Ticket #7980 LDAP key data segmentation buffer overflow [CVE-2014-4345]", trust: 0.8, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7980", }, { title: "CVE-2014-4345 Numeric Errors vulnerability in Kerberos", trust: 0.8, url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4344 in krb5: NULL dereference in GSSAPI servers", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=35d4f3ce5652ab755f81ed48de881600", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4343 in krb5: double-free in SPNEGO initiators", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9c2c9693f1995e06458de00ef1a741ea", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4345 in krb5-kdc-ldap: buffer overrun in kadmind", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5b462e2e6415f47bd0fd28d7421f6993", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4341 in krb5: insufficient validation processing rfc 1964 tokens", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=4d39c93e60e14a46f4d47ceeb92df9f3", }, { title: "Debian CVElist Bug Report Logs: CVE-2014-4342 in krb5: insufficient validation processing rfc 1964 tokens", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=289247c77758756a143eb9a839abfd1d", }, { title: "Debian Security Advisories: DSA-3000-1 krb5 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=4185a1f803abcb8297ba9b981d24413f", }, { title: "Ubuntu Security Notice: krb5 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-2310-1", }, { title: "Amazon Linux AMI: ALAS-2014-443", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=alas-2014-443", }, { title: "Oracle: Oracle Critical Patch Update Advisory - October 2017", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=523d3f220a64ff01dd95e064bd37566a", }, ], sources: [ { db: "VULMON", id: "CVE-2014-4345", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-189", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "NVD", id: "CVE-2014-4345", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.1, url: "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2014-001.txt", }, { trust: 2, url: "https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors", }, { trust: 2, url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { trust: 1.8, url: "http://www.securityfocus.com/bid/69168", }, { trust: 1.8, url: "http://security.gentoo.org/glsa/glsa-201412-53.xml", }, { trust: 1.8, url: "http://rhn.redhat.com/errata/rhsa-2015-0439.html", }, { trust: 1.8, url: "http://advisories.mageia.org/mgasa-2014-0345.html", }, { trust: 1.7, url: "https://github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1", }, { trust: 1.7, url: "http://krbdev.mit.edu/rt/ticket/display.html?id=7980", }, { trust: 1.7, url: "http://www.securitytracker.com/id/1030705", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-updates/2014-08/msg00030.html", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2014-1255.html", }, { trust: 1.7, url: "http://www.debian.org/security/2014/dsa-3000", }, { trust: 1.7, url: "http://secunia.com/advisories/59415", }, { trust: 1.7, url: "http://kb.juniper.net/infocenter/index?page=content&id=jsa10705", }, { trust: 1.7, url: "https://github.com/krb5/krb5/pull/181", }, { trust: 1.7, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1128157", }, { trust: 1.7, url: "http://www.osvdb.org/109908", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2014:165", }, { trust: 1.7, url: "http://secunia.com/advisories/61353", }, { trust: 1.7, url: "http://secunia.com/advisories/61314", }, { trust: 1.7, url: "http://secunia.com/advisories/60776", }, { trust: 1.7, url: "http://secunia.com/advisories/60535", }, { trust: 1.7, url: "http://secunia.com/advisories/59993", }, { trust: 1.7, url: "http://secunia.com/advisories/59102", }, { trust: 1.7, url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/137056.html", }, { trust: 1.7, url: "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136640.html", }, { trust: 1.7, url: "http://linux.oracle.com/errata/elsa-2014-1255.html", }, { trust: 1.7, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95212", }, { trust: 1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4345", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4345", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4345", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4341", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4343", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4344", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2014-4342", }, { trust: 0.3, url: "http://web.mit.edu/kerberos/", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/101004185", }, { trust: 0.3, url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096510", }, { trust: 0.3, url: "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15566.html?ref=rss", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1418", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2013-6800", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/189.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=35226", }, { trust: 0.1, url: "https://usn.ubuntu.com/2310-1/", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.8.1+dfsg-2ubuntu0.13", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu4.2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1416", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/krb5/1.10+dfsg~beta1-2ubuntu0.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2012-1016", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1415", }, { trust: 0.1, url: "http://www.ubuntu.com/usn/usn-2310-1", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4344", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/", }, { trust: 0.1, url: "http://www.mandriva.com/en/support/security/advisories/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4341", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4342", }, { trust: 0.1, url: "http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/index.html", }, { trust: 0.1, url: "http://www.first.org/cvss/cvss-guide.html", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/2014-001-patch.txt.asc", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/index.html", }, { trust: 0.1, url: "http://web.mit.edu/kerberos/advisories/2014-001-patch.txt", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4343", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-5351", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4345", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4341", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5351", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4342", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4343", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9423", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4341", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5353", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-9421", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4345", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9423", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-5352", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-9422", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-4344", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2013-6800.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4345.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4344.html", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1389.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4343.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2013-1418.html", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.6_technical_notes/krb5.html#rhsa-2014-1389", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/#package", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4342.html", }, { trust: 0.1, url: "https://www.redhat.com/security/data/cve/cve-2014-4341.html", }, ], sources: [ { db: "VULMON", id: "CVE-2014-4345", }, { db: "BID", id: "69168", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "127832", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201408-122", }, { db: "NVD", id: "CVE-2014-4345", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-4345", }, { db: "BID", id: "69168", }, { db: "JVNDB", id: "JVNDB-2014-003820", }, { db: "PACKETSTORM", id: "127813", }, { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "127832", }, { db: "PACKETSTORM", id: "129774", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201408-122", }, { db: "NVD", id: "CVE-2014-4345", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-08-14T00:00:00", db: "VULMON", id: "CVE-2014-4345", }, { date: "2014-08-09T00:00:00", db: "BID", id: "69168", }, { date: "2014-08-15T00:00:00", db: "JVNDB", id: "JVNDB-2014-003820", }, { date: "2014-08-11T13:33:00", db: "PACKETSTORM", id: "127813", }, { date: "2014-08-11T18:24:00", db: "PACKETSTORM", id: "127825", }, { date: "2014-09-02T20:17:38", db: "PACKETSTORM", id: "128077", }, { date: "2014-08-09T14:04:44", db: "PACKETSTORM", id: "127832", }, { date: "2014-12-31T12:12:00", db: "PACKETSTORM", id: "129774", }, { date: "2015-03-05T21:51:51", db: "PACKETSTORM", id: "130669", }, { date: "2014-10-14T23:04:48", db: "PACKETSTORM", id: "128660", }, { date: "2014-08-11T00:00:00", db: "CNNVD", id: "CNNVD-201408-122", }, { date: "2014-08-14T05:01:50.817000", db: "NVD", id: "CVE-2014-4345", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-21T00:00:00", db: "VULMON", id: "CVE-2014-4345", }, { date: "2017-10-19T03:03:00", db: "BID", id: "69168", }, { date: "2015-06-08T00:00:00", db: "JVNDB", id: "JVNDB-2014-003820", }, { date: "2020-01-22T00:00:00", db: "CNNVD", id: "CNNVD-201408-122", }, { date: "2020-01-21T15:46:47.197000", db: "NVD", id: "CVE-2014-4345", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "127825", }, { db: "PACKETSTORM", id: "128077", }, { db: "PACKETSTORM", id: "127832", }, { db: "PACKETSTORM", id: "130669", }, { db: "PACKETSTORM", id: "128660", }, { db: "CNNVD", id: "CNNVD-201408-122", }, ], trust: 1.1, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "MIT Kerberos 5 of kadmind of LDAP KDB Module plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c Service disruption in (DoS) Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2014-003820", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "digital error", sources: [ { db: "CNNVD", id: "CNNVD-201408-122", }, ], trust: 0.6, }, }
cve-2001-0554
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T04:21:38.679Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CLA-2001:413", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { name: "MDKSA-2001:068", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3", }, { name: "L-131", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { name: "SSRT0745U", tags: [ "vendor-advisory", "x_refsource_COMPAQ", "x_transferred", ], url: "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml", }, { name: "telnetd-option-telrcv-bo(6875)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, { name: "809", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/809", }, { name: "MSS-OAR-E01-2001:298", tags: [ "vendor-advisory", "x_refsource_IBM", "x_transferred", ], url: "http://online.securityfocus.com/advisories/3476", }, { name: "20010725 Telnetd AYT overflow scanner", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://online.securityfocus.com/archive/1/199496", }, { name: "20010810 ADV/EXP: netkit <=0.17 in.telnetd remote buffer overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://online.securityfocus.com/archive/1/203000", }, { name: "3064", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/3064", }, { name: "RHSA-2001:100", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2001-100.html", }, { name: "SuSE-SA:2001:029", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { name: "CSSA-2001-SCO.10", tags: [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred", ], url: "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt", }, { name: "RHSA-2001:099", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2001-099.html", }, { name: "20020129 Cisco CatOS Telnet Buffer Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { name: "HPSBUX0110-172", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { name: "DSA-075", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2001/dsa-075", }, { name: "20010718 multiple vendor telnet daemon vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/197804", }, { name: "CA-2001-21", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2001-21.html", }, { name: "FreeBSD-SA-01:49", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc", }, { name: "CSSA-2001-030.0", tags: [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred", ], url: "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt", }, { name: "DSA-070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2001/dsa-070", }, { name: "20010725 SCO - Telnetd AYT overflow ?", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://online.securityfocus.com/archive/1/199541", }, { name: "20010801-01-P", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P", }, { name: "NetBSD-SA2001-012", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2001-07-18T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2009-03-02T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CLA-2001:413", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { name: "MDKSA-2001:068", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3", }, { name: "L-131", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { name: "SSRT0745U", tags: [ "vendor-advisory", "x_refsource_COMPAQ", ], url: "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml", }, { name: "telnetd-option-telrcv-bo(6875)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, { name: "809", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/809", }, { name: "MSS-OAR-E01-2001:298", tags: [ "vendor-advisory", "x_refsource_IBM", ], url: "http://online.securityfocus.com/advisories/3476", }, { name: "20010725 Telnetd AYT overflow scanner", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://online.securityfocus.com/archive/1/199496", }, { name: "20010810 ADV/EXP: netkit <=0.17 in.telnetd remote buffer overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://online.securityfocus.com/archive/1/203000", }, { name: "3064", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/3064", }, { name: "RHSA-2001:100", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2001-100.html", }, { name: "SuSE-SA:2001:029", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { name: "CSSA-2001-SCO.10", tags: [ "vendor-advisory", "x_refsource_CALDERA", ], url: "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt", }, { name: "RHSA-2001:099", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2001-099.html", }, { name: "20020129 Cisco CatOS Telnet Buffer Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { name: "HPSBUX0110-172", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { name: "DSA-075", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2001/dsa-075", }, { name: "20010718 multiple vendor telnet daemon vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/197804", }, { name: "CA-2001-21", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2001-21.html", }, { name: "FreeBSD-SA-01:49", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc", }, { name: "CSSA-2001-030.0", tags: [ "vendor-advisory", "x_refsource_CALDERA", ], url: "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt", }, { name: "DSA-070", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2001/dsa-070", }, { name: "20010725 SCO - Telnetd AYT overflow ?", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://online.securityfocus.com/archive/1/199541", }, { name: "20010801-01-P", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P", }, { name: "NetBSD-SA2001-012", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2001-0554", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CLA-2001:413", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { name: "MDKSA-2001:068", refsource: "MANDRAKE", url: "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3", }, { name: "L-131", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { name: "SSRT0745U", refsource: "COMPAQ", url: "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml", }, { name: "telnetd-option-telrcv-bo(6875)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, { name: "809", refsource: "OSVDB", url: "http://www.osvdb.org/809", }, { name: "MSS-OAR-E01-2001:298", refsource: "IBM", url: "http://online.securityfocus.com/advisories/3476", }, { name: "20010725 Telnetd AYT overflow scanner", refsource: "BUGTRAQ", url: "http://online.securityfocus.com/archive/1/199496", }, { name: "20010810 ADV/EXP: netkit <=0.17 in.telnetd remote buffer overflow", refsource: "BUGTRAQ", url: "http://online.securityfocus.com/archive/1/203000", }, { name: "3064", refsource: "BID", url: "http://www.securityfocus.com/bid/3064", }, { name: "RHSA-2001:100", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2001-100.html", }, { name: "SuSE-SA:2001:029", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { name: "CSSA-2001-SCO.10", refsource: "CALDERA", url: "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt", }, { name: "RHSA-2001:099", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2001-099.html", }, { name: "20020129 Cisco CatOS Telnet Buffer Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { name: "HPSBUX0110-172", refsource: "HP", url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { name: "DSA-075", refsource: "DEBIAN", url: "http://www.debian.org/security/2001/dsa-075", }, { name: "20010718 multiple vendor telnet daemon vulnerability", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/197804", }, { name: "CA-2001-21", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2001-21.html", }, { name: "FreeBSD-SA-01:49", refsource: "FREEBSD", url: "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc", }, { name: "CSSA-2001-030.0", refsource: "CALDERA", url: "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt", }, { name: "DSA-070", refsource: "DEBIAN", url: "http://www.debian.org/security/2001/dsa-070", }, { name: "20010725 SCO - Telnetd AYT overflow ?", refsource: "BUGTRAQ", url: "http://online.securityfocus.com/archive/1/199541", }, { name: "20010801-01-P", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P", }, { name: "NetBSD-SA2001-012", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2001-0554", datePublished: "2002-03-09T05:00:00", dateReserved: "2001-07-24T00:00:00", dateUpdated: "2024-08-08T04:21:38.679Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0523
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:24:25.838Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CLA-2004:860", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { name: "FEDORA-2004-149", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lwn.net/Articles/88206/", }, { name: "RHSA-2004:236", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-236.html", }, { name: "oval:org.mitre.oval:def:991", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991", }, { name: "DSA-520", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-520", }, { name: "oval:org.mitre.oval:def:724", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724", }, { name: "20040601 MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108612325909496&w=2", }, { name: "VU#686862", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/686862", }, { name: "GLSA-200406-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "Kerberos-krb5anametolocalname-bo(16268)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268", }, { name: "20040602 TSSA-2004-009 - kerberos5", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108619161815320&w=2", }, { name: "MDKSA-2004:056", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056", }, { name: "101512", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1", }, { name: "2004-0032", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108619250923790&w=2", }, { name: "10448", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/10448", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "oval:org.mitre.oval:def:2002", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002", }, { name: "oval:org.mitre.oval:def:10295", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-06-01T00:00:00", descriptions: [ { lang: "en", value: "Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CLA-2004:860", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { name: "FEDORA-2004-149", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lwn.net/Articles/88206/", }, { name: "RHSA-2004:236", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-236.html", }, { name: "oval:org.mitre.oval:def:991", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991", }, { name: "DSA-520", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-520", }, { name: "oval:org.mitre.oval:def:724", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724", }, { name: "20040601 MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108612325909496&w=2", }, { name: "VU#686862", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/686862", }, { name: "GLSA-200406-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml", }, { name: "20040605-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "Kerberos-krb5anametolocalname-bo(16268)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268", }, { name: "20040602 TSSA-2004-009 - kerberos5", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108619161815320&w=2", }, { name: "MDKSA-2004:056", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056", }, { name: "101512", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1", }, { name: "2004-0032", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://marc.info/?l=bugtraq&m=108619250923790&w=2", }, { name: "10448", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/10448", }, { name: "20040604-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "oval:org.mitre.oval:def:2002", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002", }, { name: "oval:org.mitre.oval:def:10295", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0523", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CLA-2004:860", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { name: "FEDORA-2004-149", refsource: "FEDORA", url: "http://lwn.net/Articles/88206/", }, { name: "RHSA-2004:236", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-236.html", }, { name: "oval:org.mitre.oval:def:991", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991", }, { name: "DSA-520", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-520", }, { name: "oval:org.mitre.oval:def:724", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724", }, { name: "20040601 MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108612325909496&w=2", }, { name: "VU#686862", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/686862", }, { name: "GLSA-200406-21", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml", }, { name: "20040605-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc", }, { name: "Kerberos-krb5anametolocalname-bo(16268)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268", }, { name: "20040602 TSSA-2004-009 - kerberos5", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108619161815320&w=2", }, { name: "MDKSA-2004:056", refsource: "MANDRAKE", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056", }, { name: "101512", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1", }, { name: "2004-0032", refsource: "TRUSTIX", url: "http://marc.info/?l=bugtraq&m=108619250923790&w=2", }, { name: "10448", refsource: "BID", url: "http://www.securityfocus.com/bid/10448", }, { name: "20040604-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc", }, { name: "oval:org.mitre.oval:def:2002", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002", }, { name: "oval:org.mitre.oval:def:10295", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0523", datePublished: "2004-06-03T04:00:00", dateReserved: "2004-06-03T00:00:00", dateUpdated: "2024-08-08T00:24:25.838Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0845
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:48:52.589Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "34257", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34257", }, { name: "ADV-2009-0847", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0847", }, { name: "34347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34347", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/spnego/spnego_mech.c?r1=21875&r2=22084", }, { name: "RHSA-2009:0408", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34637", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35074", }, { name: "MDVSA-2009:082", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:082", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34630", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34734", }, { name: "kerberos-spnego-dos(49448)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49448", }, { name: "oval:org.mitre.oval:def:6449", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6449", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34622", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "1021867", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021867", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "oval:org.mitre.oval:def:10044", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10044", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://src.mit.edu/fisheye/changelog/krb5/?cs=22084", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-03-13T00:00:00", descriptions: [ { lang: "en", value: "The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "34257", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34257", }, { name: "ADV-2009-0847", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0847", }, { name: "34347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34347", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/spnego/spnego_mech.c?r1=21875&r2=22084", }, { name: "RHSA-2009:0408", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34637", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35074", }, { name: "MDVSA-2009:082", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:082", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34630", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34734", }, { name: "kerberos-spnego-dos(49448)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49448", }, { name: "oval:org.mitre.oval:def:6449", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6449", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34622", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "1021867", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021867", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "oval:org.mitre.oval:def:10044", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10044", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://src.mit.edu/fisheye/changelog/krb5/?cs=22084", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0845", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "34257", refsource: "BID", url: "http://www.securityfocus.com/bid/34257", }, { name: "ADV-2009-0847", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0847", }, { name: "34347", refsource: "SECUNIA", url: "http://secunia.com/advisories/34347", }, { name: "http://support.apple.com/kb/HT3549", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT3549", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/spnego/spnego_mech.c?r1=21875&r2=22084", refsource: "CONFIRM", url: "http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/spnego/spnego_mech.c?r1=21875&r2=22084", }, { name: "RHSA-2009:0408", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "34637", refsource: "SECUNIA", url: "http://secunia.com/advisories/34637", }, { name: "34640", refsource: "SECUNIA", url: "http://secunia.com/advisories/34640", }, { name: "35074", refsource: "SECUNIA", url: "http://secunia.com/advisories/35074", }, { name: "MDVSA-2009:082", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:082", }, { name: "256728", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", refsource: "SECUNIA", url: "http://secunia.com/advisories/34630", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1057", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", refsource: "SECUNIA", url: "http://secunia.com/advisories/34617", }, { name: "34628", refsource: "SECUNIA", url: "http://secunia.com/advisories/34628", }, { name: "34734", refsource: "SECUNIA", url: "http://secunia.com/advisories/34734", }, { name: "kerberos-spnego-dos(49448)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49448", }, { name: "oval:org.mitre.oval:def:6449", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6449", }, { name: "ADV-2009-2248", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", refsource: "MISC", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", refsource: "SECUNIA", url: "http://secunia.com/advisories/34622", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402", }, { name: "FEDORA-2009-2852", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "1021867", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021867", }, { name: "FEDORA-2009-2834", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "oval:org.mitre.oval:def:10044", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10044", }, { name: "http://src.mit.edu/fisheye/changelog/krb5/?cs=22084", refsource: "CONFIRM", url: "http://src.mit.edu/fisheye/changelog/krb5/?cs=22084", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", refsource: "SECUNIA", url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1106", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0845", datePublished: "2009-03-27T16:00:00", dateReserved: "2009-03-06T00:00:00", dateUpdated: "2024-08-07T04:48:52.589Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-4212
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T06:54:10.078Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "APPLE-SA-2010-06-15-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { name: "38140", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38140", }, { name: "ADV-2010-0096", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0096", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/css/P8/documents/100074869", }, { name: "38126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38126", }, { name: "DSA-1969", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2010/dsa-1969", }, { name: "ADV-2010-1481", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1481", }, { name: "USN-881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-881-1", }, { name: "SSRT100495", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt", }, { name: "FEDORA-2010-0503", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html", }, { name: "MDVSA-2010:006", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006", }, { name: "1023440", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1023440", }, { name: "38080", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38080", }, { name: "275530", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1", }, { name: "1021779", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1", }, { name: "oval:org.mitre.oval:def:8192", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192", }, { name: "38203", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38203", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=545015", }, { name: "FEDORA-2010-0515", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT4188", }, { name: "40220", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/40220", }, { name: "38108", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38108", }, { name: "37749", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/37749", }, { name: "oval:org.mitre.oval:def:11272", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272", }, { name: "RHSA-2010:0029", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0029.html", }, { name: "RHSA-2010:0095", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0095.html", }, { name: "oval:org.mitre.oval:def:7357", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357", }, { name: "38696", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38696", }, { name: "ADV-2010-0129", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0129", }, { name: "HPSBOV02682", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "38184", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38184", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-01-12T00:00:00", descriptions: [ { lang: "en", value: "Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-18T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "APPLE-SA-2010-06-15-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { name: "38140", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38140", }, { name: "ADV-2010-0096", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0096", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/css/P8/documents/100074869", }, { name: "38126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38126", }, { name: "DSA-1969", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2010/dsa-1969", }, { name: "ADV-2010-1481", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1481", }, { name: "USN-881-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-881-1", }, { name: "SSRT100495", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt", }, { name: "FEDORA-2010-0503", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html", }, { name: "MDVSA-2010:006", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006", }, { name: "1023440", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1023440", }, { name: "38080", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38080", }, { name: "275530", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1", }, { name: "1021779", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1", }, { name: "oval:org.mitre.oval:def:8192", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192", }, { name: "38203", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38203", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=545015", }, { name: "FEDORA-2010-0515", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT4188", }, { name: "40220", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/40220", }, { name: "38108", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38108", }, { name: "37749", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/37749", }, { name: "oval:org.mitre.oval:def:11272", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272", }, { name: "RHSA-2010:0029", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0029.html", }, { name: "RHSA-2010:0095", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://rhn.redhat.com/errata/RHSA-2010-0095.html", }, { name: "oval:org.mitre.oval:def:7357", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357", }, { name: "38696", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38696", }, { name: "ADV-2010-0129", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0129", }, { name: "HPSBOV02682", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "38184", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38184", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-4212", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "APPLE-SA-2010-06-15-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { name: "38140", refsource: "SECUNIA", url: "http://secunia.com/advisories/38140", }, { name: "ADV-2010-0096", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0096", }, { name: "http://support.avaya.com/css/P8/documents/100074869", refsource: "CONFIRM", url: "http://support.avaya.com/css/P8/documents/100074869", }, { name: "38126", refsource: "SECUNIA", url: "http://secunia.com/advisories/38126", }, { name: "DSA-1969", refsource: "DEBIAN", url: "http://www.debian.org/security/2010/dsa-1969", }, { name: "ADV-2010-1481", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1481", }, { name: "USN-881-1", refsource: "UBUNTU", url: "http://ubuntu.com/usn/usn-881-1", }, { name: "SSRT100495", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt", }, { name: "FEDORA-2010-0503", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html", }, { name: "MDVSA-2010:006", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006", }, { name: "1023440", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1023440", }, { name: "38080", refsource: "SECUNIA", url: "http://secunia.com/advisories/38080", }, { name: "275530", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1", }, { name: "1021779", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1", }, { name: "oval:org.mitre.oval:def:8192", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192", }, { name: "38203", refsource: "SECUNIA", url: "http://secunia.com/advisories/38203", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=545015", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=545015", }, { name: "FEDORA-2010-0515", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html", }, { name: "http://support.apple.com/kb/HT4188", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4188", }, { name: "40220", refsource: "SECUNIA", url: "http://secunia.com/advisories/40220", }, { name: "38108", refsource: "SECUNIA", url: "http://secunia.com/advisories/38108", }, { name: "37749", refsource: "BID", url: "http://www.securityfocus.com/bid/37749", }, { name: "oval:org.mitre.oval:def:11272", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272", }, { name: "RHSA-2010:0029", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2010-0029.html", }, { name: "RHSA-2010:0095", refsource: "REDHAT", url: "https://rhn.redhat.com/errata/RHSA-2010-0095.html", }, { name: "oval:org.mitre.oval:def:7357", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357", }, { name: "38696", refsource: "SECUNIA", url: "http://secunia.com/advisories/38696", }, { name: "ADV-2010-0129", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0129", }, { name: "HPSBOV02682", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "38184", refsource: "SECUNIA", url: "http://secunia.com/advisories/38184", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-4212", datePublished: "2010-01-13T19:00:00", dateReserved: "2009-12-04T00:00:00", dateUpdated: "2024-08-07T06:54:10.078Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-20217
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/ | vendor-advisory, x_refsource_FEDORA | |
http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763 | x_refsource_CONFIRM | |
https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086 | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html | mailing-list, x_refsource_MLIST | |
https://security.netapp.com/advisory/ntap-20190416-0006/ | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:58:19.090Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2018-7db7ccda4d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", }, { name: "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190416-0006/", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-08T00:00:00", descriptions: [ { lang: "en", value: "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-30T21:06:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FEDORA-2018-7db7ccda4d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", }, { name: "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190416-0006/", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20217", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2018-7db7ccda4d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", }, { name: "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", }, { name: "[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", }, { name: "https://security.netapp.com/advisory/ntap-20190416-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190416-0006/", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20217", datePublished: "2018-12-26T20:00:00", dateReserved: "2018-12-19T00:00:00", dateUpdated: "2024-08-05T11:58:19.090Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-1323
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T01:21:18.474Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SU-2012:0042", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html", }, { name: "ADV-2010-3094", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/3094", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "MDVSA-2010:246", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246", }, { name: "FEDORA-2010-18425", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html", }, { name: "45118", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/45118", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.vmware.com/kb/1035108", }, { name: "46397", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/46397", }, { name: "ADV-2010-3118", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/3118", }, { name: "SSRT100495", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "oval:org.mitre.oval:def:12121", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121", }, { name: "ADV-2011-0187", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0187", }, { name: "MDVSA-2010:245", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245", }, { name: "69610", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/69610", }, { name: "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/514953/100/0/threaded", }, { name: "RHSA-2010:0926", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0926.html", }, { name: "SUSE-SR:2010:023", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", }, { name: "APPLE-SA-2011-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", }, { name: "42420", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42420", }, { name: "HPSBUX02623", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", }, { name: "SSRT100355", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { name: "ADV-2010-3095", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/3095", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "ADV-2010-3101", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/3101", }, { name: "42399", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42399", }, { name: "SUSE-SU-2012:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html", }, { name: "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000133.html", }, { name: "1024803", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1024803", }, { name: "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/517739/100/0/threaded", }, { name: "FEDORA-2010-18409", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html", }, { name: "SUSE-SR:2010:024", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", }, { name: "RHSA-2010:0925", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0925.html", }, { name: "USN-1030-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1030-1", }, { name: "HPSBOV02682", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "43015", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43015", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT4581", }, { name: "DSA-2129", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2010/dsa-2129", }, { name: "42436", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42436", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-11-30T00:00:00", descriptions: [ { lang: "en", value: "MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SU-2012:0042", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html", }, { name: "ADV-2010-3094", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/3094", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "MDVSA-2010:246", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246", }, { name: "FEDORA-2010-18425", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html", }, { name: "45118", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/45118", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.vmware.com/kb/1035108", }, { name: "46397", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/46397", }, { name: "ADV-2010-3118", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/3118", }, { name: "SSRT100495", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "oval:org.mitre.oval:def:12121", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121", }, { name: "ADV-2011-0187", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0187", }, { name: "MDVSA-2010:245", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245", }, { name: "69610", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/69610", }, { name: "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/514953/100/0/threaded", }, { name: "RHSA-2010:0926", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0926.html", }, { name: "SUSE-SR:2010:023", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", }, { name: "APPLE-SA-2011-03-21-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", }, { name: "42420", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42420", }, { name: "HPSBUX02623", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", }, { name: "SSRT100355", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { name: "ADV-2010-3095", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/3095", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "ADV-2010-3101", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/3101", }, { name: "42399", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42399", }, { name: "SUSE-SU-2012:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html", }, { name: "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000133.html", }, { name: "1024803", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1024803", }, { name: "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/517739/100/0/threaded", }, { name: "FEDORA-2010-18409", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html", }, { name: "SUSE-SR:2010:024", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", }, { name: "RHSA-2010:0925", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0925.html", }, { name: "USN-1030-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1030-1", }, { name: "HPSBOV02682", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "43015", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43015", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT4581", }, { name: "DSA-2129", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2010/dsa-2129", }, { name: "42436", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42436", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-1323", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SU-2012:0042", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html", }, { name: "ADV-2010-3094", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/3094", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "MDVSA-2010:246", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:246", }, { name: "FEDORA-2010-18425", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html", }, { name: "45118", refsource: "BID", url: "http://www.securityfocus.com/bid/45118", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "http://kb.vmware.com/kb/1035108", refsource: "CONFIRM", url: "http://kb.vmware.com/kb/1035108", }, { name: "46397", refsource: "SECUNIA", url: "http://secunia.com/advisories/46397", }, { name: "ADV-2010-3118", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/3118", }, { name: "SSRT100495", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "oval:org.mitre.oval:def:12121", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121", }, { name: "ADV-2011-0187", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0187", }, { name: "MDVSA-2010:245", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:245", }, { name: "69610", refsource: "OSVDB", url: "http://osvdb.org/69610", }, { name: "20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/514953/100/0/threaded", }, { name: "RHSA-2010:0926", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0926.html", }, { name: "SUSE-SR:2010:023", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2011-0007.html", }, { name: "APPLE-SA-2011-03-21-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", }, { name: "42420", refsource: "SECUNIA", url: "http://secunia.com/advisories/42420", }, { name: "HPSBUX02623", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-007.txt", }, { name: "SSRT100355", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=129562442714657&w=2", }, { name: "ADV-2010-3095", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/3095", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "ADV-2010-3101", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/3101", }, { name: "42399", refsource: "SECUNIA", url: "http://secunia.com/advisories/42399", }, { name: "SUSE-SU-2012:0010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html", }, { name: "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", refsource: "MLIST", url: "http://lists.vmware.com/pipermail/security-announce/2011/000133.html", }, { name: "1024803", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1024803", }, { name: "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/517739/100/0/threaded", }, { name: "FEDORA-2010-18409", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html", }, { name: "SUSE-SR:2010:024", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", }, { name: "RHSA-2010:0925", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0925.html", }, { name: "USN-1030-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1030-1", }, { name: "HPSBOV02682", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "43015", refsource: "SECUNIA", url: "http://secunia.com/advisories/43015", }, { name: "http://support.apple.com/kb/HT4581", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4581", }, { name: "DSA-2129", refsource: "DEBIAN", url: "http://www.debian.org/security/2010/dsa-2129", }, { name: "42436", refsource: "SECUNIA", url: "http://secunia.com/advisories/42436", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-1323", datePublished: "2010-12-02T16:00:00", dateReserved: "2010-04-08T00:00:00", dateUpdated: "2024-08-07T01:21:18.474Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0772
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:31:47.423Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CLA-2004:860", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { name: "kerberos-krb524d-double-free(17158)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17158", }, { name: "VU#350792", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/350792", }, { name: "2004-0045", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.net/errata/2004/0045/", }, { name: "DSA-543", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-543", }, { name: "TA04-247A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-247A.html", }, { name: "GLSA-200409-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml", }, { name: "20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=109508872524753&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt", }, { name: "MDKSA-2004:088", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:088", }, { name: "oval:org.mitre.oval:def:4661", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4661", }, { name: "11078", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/11078", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-08-31T00:00:00", descriptions: [ { lang: "en", value: "Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CLA-2004:860", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { name: "kerberos-krb524d-double-free(17158)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17158", }, { name: "VU#350792", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/350792", }, { name: "2004-0045", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.net/errata/2004/0045/", }, { name: "DSA-543", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-543", }, { name: "TA04-247A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-247A.html", }, { name: "GLSA-200409-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml", }, { name: "20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=109508872524753&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt", }, { name: "MDKSA-2004:088", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:088", }, { name: "oval:org.mitre.oval:def:4661", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4661", }, { name: "11078", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/11078", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0772", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CLA-2004:860", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860", }, { name: "kerberos-krb524d-double-free(17158)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17158", }, { name: "VU#350792", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/350792", }, { name: "2004-0045", refsource: "TRUSTIX", url: "http://www.trustix.net/errata/2004/0045/", }, { name: "DSA-543", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-543", }, { name: "TA04-247A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-247A.html", }, { name: "GLSA-200409-09", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml", }, { name: "20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=109508872524753&w=2", }, { name: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt", }, { name: "MDKSA-2004:088", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:088", }, { name: "oval:org.mitre.oval:def:4661", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4661", }, { name: "11078", refsource: "BID", url: "http://www.securityfocus.com/bid/11078", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0772", datePublished: "2004-09-10T04:00:00", dateReserved: "2004-08-05T00:00:00", dateUpdated: "2024-08-08T00:31:47.423Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-0282
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:51:07.938Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "MDVSA-2011:025", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "46397", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/46397", }, { name: "46271", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/46271", }, { name: "ADV-2011-0347", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { name: "43260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43260", }, { name: "ADV-2011-0333", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { name: "RHSA-2011:0199", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { name: "43273", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43273", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { name: "20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { name: "1025037", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1025037", }, { name: "SUSE-SR:2011:004", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "MDVSA-2011:024", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { name: "ADV-2011-0464", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "8073", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/8073", }, { name: "kerberos-ldap-dos(65323)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323", }, { name: "ADV-2011-0330", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { name: "43275", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43275", }, { name: "RHSA-2011:0200", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-02-08T00:00:00", descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "MDVSA-2011:025", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "46397", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/46397", }, { name: "46271", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/46271", }, { name: "ADV-2011-0347", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { name: "43260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43260", }, { name: "ADV-2011-0333", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { name: "RHSA-2011:0199", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { name: "43273", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43273", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { name: "20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { name: "1025037", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1025037", }, { name: "SUSE-SR:2011:004", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "MDVSA-2011:024", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { name: "ADV-2011-0464", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "8073", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/8073", }, { name: "kerberos-ldap-dos(65323)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323", }, { name: "ADV-2011-0330", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { name: "43275", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43275", }, { name: "RHSA-2011:0200", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2011-0282", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "MDVSA-2011:025", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "46397", refsource: "SECUNIA", url: "http://secunia.com/advisories/46397", }, { name: "46271", refsource: "BID", url: "http://www.securityfocus.com/bid/46271", }, { name: "ADV-2011-0347", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0347", }, { name: "43260", refsource: "SECUNIA", url: "http://secunia.com/advisories/43260", }, { name: "ADV-2011-0333", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0333", }, { name: "RHSA-2011:0199", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { name: "43273", refsource: "SECUNIA", url: "http://secunia.com/advisories/43273", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { name: "20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { name: "1025037", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1025037", }, { name: "SUSE-SR:2011:004", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "MDVSA-2011:024", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { name: "ADV-2011-0464", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "8073", refsource: "SREASON", url: "http://securityreason.com/securityalert/8073", }, { name: "kerberos-ldap-dos(65323)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323", }, { name: "ADV-2011-0330", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0330", }, { name: "43275", refsource: "SECUNIA", url: "http://secunia.com/advisories/43275", }, { name: "RHSA-2011:0200", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-0282", datePublished: "2011-02-10T17:00:00", dateReserved: "2011-01-03T00:00:00", dateUpdated: "2024-08-06T21:51:07.938Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0389
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html | vendor-advisory, x_refsource_FREEBSD | |
http://www.redhat.com/support/errata/RHSA-2000-025.html | vendor-advisory, x_refsource_REDHAT | |
http://www.cert.org/advisories/CA-2000-06.html | third-party-advisory, x_refsource_CERT | |
http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1220 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:14:21.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1220", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-05-16T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1220", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0389", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FreeBSD-SA-00:20", refsource: "FREEBSD", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", refsource: "BID", url: "http://www.securityfocus.com/bid/1220", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0389", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-06-14T00:00:00", dateUpdated: "2024-08-08T05:14:21.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0283
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html | vendor-advisory, x_refsource_APPLE | |
http://www.securityfocus.com/bid/38260 | vdb-entry, x_refsource_BID | |
http://www.ubuntu.com/usn/USN-916-1 | vendor-advisory, x_refsource_UBUNTU | |
http://www.vupen.com/english/advisories/2010/1481 | vdb-entry, x_refsource_VUPEN | |
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt | x_refsource_CONFIRM | |
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html | vendor-advisory, x_refsource_FEDORA | |
http://securitytracker.com/id?1023593 | vdb-entry, x_refsource_SECTRACK | |
http://support.apple.com/kb/HT4188 | x_refsource_CONFIRM | |
http://secunia.com/advisories/40220 | third-party-advisory, x_refsource_SECUNIA | |
http://secunia.com/advisories/39023 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/archive/1/509553/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://secunia.com/advisories/38598 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:45:12.015Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "APPLE-SA-2010-06-15-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { name: "38260", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/38260", }, { name: "USN-916-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-916-1", }, { name: "ADV-2010-1481", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1481", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt", }, { name: "FEDORA-2010-1722", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html", }, { name: "1023593", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1023593", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT4188", }, { name: "40220", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/40220", }, { name: "39023", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39023", }, { name: "20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/509553/100/0/threaded", }, { name: "38598", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38598", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-02-16T00:00:00", descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "APPLE-SA-2010-06-15-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { name: "38260", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/38260", }, { name: "USN-916-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-916-1", }, { name: "ADV-2010-1481", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1481", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt", }, { name: "FEDORA-2010-1722", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html", }, { name: "1023593", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1023593", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT4188", }, { name: "40220", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/40220", }, { name: "39023", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39023", }, { name: "20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/509553/100/0/threaded", }, { name: "38598", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38598", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-0283", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "APPLE-SA-2010-06-15-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html", }, { name: "38260", refsource: "BID", url: "http://www.securityfocus.com/bid/38260", }, { name: "USN-916-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-916-1", }, { name: "ADV-2010-1481", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1481", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-001.txt", }, { name: "FEDORA-2010-1722", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035222.html", }, { name: "1023593", refsource: "SECTRACK", url: "http://securitytracker.com/id?1023593", }, { name: "http://support.apple.com/kb/HT4188", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4188", }, { name: "40220", refsource: "SECUNIA", url: "http://secunia.com/advisories/40220", }, { name: "39023", refsource: "SECUNIA", url: "http://secunia.com/advisories/39023", }, { name: "20100216 MITKRB5-SA-2010-001 [CVE-2010-0283] krb5-1.7 KDC denial of service", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/509553/100/0/threaded", }, { name: "38598", refsource: "SECUNIA", url: "http://secunia.com/advisories/38598", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-0283", datePublished: "2010-02-21T22:00:00", dateReserved: "2010-01-12T00:00:00", dateUpdated: "2024-08-07T00:45:12.015Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0847
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:48:52.604Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "MDVSA-2009:098", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "ADV-2009-0960", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0960", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "oval:org.mitre.oval:def:6387", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6387", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34637", }, { name: "ADV-2009-2084", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/2084", }, { name: "34408", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34408", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35074", }, { name: "1021993", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021993", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34622", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, { name: "HPSBUX02421", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { name: "SSRT090047", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-04-07T00:00:00", descriptions: [ { lang: "en", value: "The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "MDVSA-2009:098", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "ADV-2009-0960", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0960", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "oval:org.mitre.oval:def:6387", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6387", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34637", }, { name: "ADV-2009-2084", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/2084", }, { name: "34408", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34408", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35074", }, { name: "1021993", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021993", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34622", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, { name: "HPSBUX02421", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { name: "SSRT090047", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0847", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "MDVSA-2009:098", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "ADV-2009-0960", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0960", }, { name: "http://support.apple.com/kb/HT3549", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT3549", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "oval:org.mitre.oval:def:6387", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6387", }, { name: "34637", refsource: "SECUNIA", url: "http://secunia.com/advisories/34637", }, { name: "ADV-2009-2084", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/2084", }, { name: "34408", refsource: "BID", url: "http://www.securityfocus.com/bid/34408", }, { name: "34640", refsource: "SECUNIA", url: "http://secunia.com/advisories/34640", }, { name: "35074", refsource: "SECUNIA", url: "http://secunia.com/advisories/35074", }, { name: "1021993", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021993", }, { name: "256728", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1057", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", refsource: "SECUNIA", url: "http://secunia.com/advisories/34617", }, { name: "34628", refsource: "SECUNIA", url: "http://secunia.com/advisories/34628", }, { name: "34734", refsource: "SECUNIA", url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", refsource: "MISC", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", refsource: "SECUNIA", url: "http://secunia.com/advisories/34622", }, { name: "FEDORA-2009-2852", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "FEDORA-2009-2834", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", refsource: "SECUNIA", url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1106", }, { name: "HPSBUX02421", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { name: "SSRT090047", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0847", datePublished: "2009-04-09T00:00:00", dateReserved: "2009-03-06T00:00:00", dateUpdated: "2024-08-07T04:48:52.604Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-4342
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/68908 | vdb-entry, x_refsource_BID | |
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2015-0439.html | vendor-advisory, x_refsource_REDHAT | |
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949 | x_refsource_CONFIRM | |
http://www.debian.org/security/2014/dsa-3000 | vendor-advisory, x_refsource_DEBIAN | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/94903 | vdb-entry, x_refsource_XF | |
http://www.mandriva.com/security/advisories?name=MDVSA-2014:165 | vendor-advisory, x_refsource_MANDRIVA | |
http://www.securitytracker.com/id/1030706 | vdb-entry, x_refsource_SECTRACK | |
http://secunia.com/advisories/60082 | third-party-advisory, x_refsource_SECUNIA | |
http://advisories.mageia.org/MGASA-2014-0345.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/59102 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:12:35.134Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { name: "68908", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/68908", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "mit-kerberos-cve20144342-dos(94903)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { name: "MDVSA-2014:165", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59102", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-27T00:00:00", descriptions: [ { lang: "en", value: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-19T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { name: "68908", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/68908", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2015:0439", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { name: "DSA-3000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "mit-kerberos-cve20144342-dos(94903)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { name: "MDVSA-2014:165", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "1030706", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60082", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59102", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-4342", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", }, { name: "68908", refsource: "BID", url: "http://www.securityfocus.com/bid/68908", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "RHSA-2015:0439", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0439.html", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", }, { name: "DSA-3000", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3000", }, { name: "mit-kerberos-cve20144342-dos(94903)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", }, { name: "MDVSA-2014:165", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", }, { name: "1030706", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1030706", }, { name: "60082", refsource: "SECUNIA", url: "http://secunia.com/advisories/60082", }, { name: "http://advisories.mageia.org/MGASA-2014-0345.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0345.html", }, { name: "59102", refsource: "SECUNIA", url: "http://secunia.com/advisories/59102", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-4342", datePublished: "2014-07-20T10:00:00", dateReserved: "2014-06-20T00:00:00", dateUpdated: "2024-08-06T11:12:35.134Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0629
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:52:19.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998", }, { name: "DSA-2031", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2010/dsa-2031", }, { name: "ADV-2010-0876", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0876", }, { name: "39247", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/39247", }, { name: "1023821", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1023821", }, { name: "39324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39324", }, { name: "39367", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39367", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt", }, { name: "SUSE-SR:2010:009", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html", }, { name: "39290", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39290", }, { name: "FEDORA-2010-6108", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html", }, { name: "RHSA-2010:0343", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0343.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052", }, { name: "USN-924-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-924-1", }, { name: "oval:org.mitre.oval:def:9489", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489", }, { name: "39264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39264", }, { name: "MDVSA-2010:071", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:071", }, { name: "20100406 MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/510566/100/0/threaded", }, { name: "39315", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39315", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-04-06T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998", }, { name: "DSA-2031", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2010/dsa-2031", }, { name: "ADV-2010-0876", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0876", }, { name: "39247", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/39247", }, { name: "1023821", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1023821", }, { name: "39324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39324", }, { name: "39367", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39367", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt", }, { name: "SUSE-SR:2010:009", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html", }, { name: "39290", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39290", }, { name: "FEDORA-2010-6108", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html", }, { name: "RHSA-2010:0343", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0343.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052", }, { name: "USN-924-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-924-1", }, { name: "oval:org.mitre.oval:def:9489", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489", }, { name: "39264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39264", }, { name: "MDVSA-2010:071", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:071", }, { name: "20100406 MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/510566/100/0/threaded", }, { name: "39315", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39315", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-0629", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=5998", }, { name: "DSA-2031", refsource: "DEBIAN", url: "http://www.debian.org/security/2010/dsa-2031", }, { name: "ADV-2010-0876", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0876", }, { name: "39247", refsource: "BID", url: "http://www.securityfocus.com/bid/39247", }, { name: "1023821", refsource: "SECTRACK", url: "http://securitytracker.com/id?1023821", }, { name: "39324", refsource: "SECUNIA", url: "http://secunia.com/advisories/39324", }, { name: "39367", refsource: "SECUNIA", url: "http://secunia.com/advisories/39367", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-003.txt", }, { name: "SUSE-SR:2010:009", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html", }, { name: "39290", refsource: "SECUNIA", url: "http://secunia.com/advisories/39290", }, { name: "FEDORA-2010-6108", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038556.html", }, { name: "RHSA-2010:0343", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0343.html", }, { name: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052", refsource: "CONFIRM", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052", }, { name: "USN-924-1", refsource: "UBUNTU", url: "http://ubuntu.com/usn/usn-924-1", }, { name: "oval:org.mitre.oval:def:9489", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9489", }, { name: "39264", refsource: "SECUNIA", url: "http://secunia.com/advisories/39264", }, { name: "MDVSA-2010:071", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:071", }, { name: "20100406 MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/510566/100/0/threaded", }, { name: "39315", refsource: "SECUNIA", url: "http://secunia.com/advisories/39315", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-0629", datePublished: "2010-04-07T15:00:00", dateReserved: "2010-02-12T00:00:00", dateUpdated: "2024-08-07T00:52:19.635Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-0281
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:51:07.754Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "MDVSA-2011:025", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { name: "46265", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/46265", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "46397", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/46397", }, { name: "ADV-2011-0347", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { name: "43260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43260", }, { name: "ADV-2011-0333", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { name: "RHSA-2011:0199", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { name: "43273", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43273", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { name: "20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { name: "1025037", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1025037", }, { name: "SUSE-SR:2011:004", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "MDVSA-2011:024", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { name: "ADV-2011-0464", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "8073", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/8073", }, { name: "kerberos-ldap-descriptor-dos(65324)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324", }, { name: "ADV-2011-0330", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { name: "[kerberos] 20101222 LDAP handle unavailable: Can't contact LDAP server", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html", }, { name: "43275", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43275", }, { name: "RHSA-2011:0200", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-12-22T00:00:00", descriptions: [ { lang: "en", value: "The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \\n sequence.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "MDVSA-2011:025", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { name: "46265", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/46265", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "46397", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/46397", }, { name: "ADV-2011-0347", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0347", }, { name: "43260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43260", }, { name: "ADV-2011-0333", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0333", }, { name: "RHSA-2011:0199", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { name: "43273", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43273", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { name: "20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { name: "1025037", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1025037", }, { name: "SUSE-SR:2011:004", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "MDVSA-2011:024", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { name: "ADV-2011-0464", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "8073", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/8073", }, { name: "kerberos-ldap-descriptor-dos(65324)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324", }, { name: "ADV-2011-0330", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0330", }, { name: "[kerberos] 20101222 LDAP handle unavailable: Can't contact LDAP server", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html", }, { name: "43275", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43275", }, { name: "RHSA-2011:0200", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2011-0281", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \\n sequence.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "MDVSA-2011:025", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", }, { name: "46265", refsource: "BID", url: "http://www.securityfocus.com/bid/46265", }, { name: "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/520102/100/0/threaded", }, { name: "46397", refsource: "SECUNIA", url: "http://secunia.com/advisories/46397", }, { name: "ADV-2011-0347", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0347", }, { name: "43260", refsource: "SECUNIA", url: "http://secunia.com/advisories/43260", }, { name: "ADV-2011-0333", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0333", }, { name: "RHSA-2011:0199", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0199.html", }, { name: "43273", refsource: "SECUNIA", url: "http://secunia.com/advisories/43273", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", }, { name: "20110208 MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/516299/100/0/threaded", }, { name: "1025037", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1025037", }, { name: "SUSE-SR:2011:004", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", }, { name: "MDVSA-2011:024", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", }, { name: "ADV-2011-0464", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "8073", refsource: "SREASON", url: "http://securityreason.com/securityalert/8073", }, { name: "kerberos-ldap-descriptor-dos(65324)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324", }, { name: "ADV-2011-0330", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0330", }, { name: "[kerberos] 20101222 LDAP handle unavailable: Can't contact LDAP server", refsource: "MLIST", url: "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html", }, { name: "43275", refsource: "SECUNIA", url: "http://secunia.com/advisories/43275", }, { name: "RHSA-2011:0200", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2011-0200.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-0281", datePublished: "2011-02-10T17:00:00", dateReserved: "2011-01-03T00:00:00", dateUpdated: "2024-08-06T21:51:07.754Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0549
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.cert.org/advisories/CA-2000-11.html | third-party-advisory, x_refsource_CERT | |
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | mailing-list, x_refsource_BUGTRAQ | |
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | x_refsource_CONFIRM | |
http://www.redhat.com/support/errata/RHSA-2000-031.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:21:31.092Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-06-09T00:00:00", descriptions: [ { lang: "en", value: "Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0549", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CA-2000-11", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", refsource: "CIAC", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { name: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0549", datePublished: "2000-10-13T04:00:00", dateReserved: "2000-07-11T00:00:00", dateUpdated: "2024-08-08T05:21:31.092Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0390
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html | vendor-advisory, x_refsource_FREEBSD | |
http://www.redhat.com/support/errata/RHSA-2000-025.html | vendor-advisory, x_refsource_REDHAT | |
http://www.osvdb.org/4884 | vdb-entry, x_refsource_OSVDB | |
http://www.cert.org/advisories/CA-2000-06.html | third-party-advisory, x_refsource_CERT | |
http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1220 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:14:21.484Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "4884", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/4884", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1220", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-05-16T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "4884", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/4884", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1220", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0390", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FreeBSD-SA-00:20", refsource: "FREEBSD", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "4884", refsource: "OSVDB", url: "http://www.osvdb.org/4884", }, { name: "CA-2000-06", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", refsource: "BID", url: "http://www.securityfocus.com/bid/1220", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0390", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-06-14T00:00:00", dateUpdated: "2024-08-08T05:14:21.484Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0138
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:36.035Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-269", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-269", }, { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { name: "oval:org.mitre.oval:def:248", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A248", }, { name: "RHSA-2003:091", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "DSA-273", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-273", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "VU#623217", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/623217", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "20030317 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { name: "7113", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/7113", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-03-17T00:00:00", descriptions: [ { lang: "en", value: "Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-269", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-269", }, { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { name: "oval:org.mitre.oval:def:248", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A248", }, { name: "RHSA-2003:091", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "DSA-273", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-273", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "VU#623217", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/623217", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "20030317 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { name: "7113", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/7113", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0138", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-269", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-269", }, { name: "RHSA-2003:052", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { name: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { name: "oval:org.mitre.oval:def:248", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A248", }, { name: "RHSA-2003:091", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "DSA-273", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-273", }, { name: "RHSA-2003:051", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "VU#623217", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/623217", }, { name: "DSA-266", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-266", }, { name: "20030317 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { name: "7113", refsource: "BID", url: "http://www.securityfocus.com/bid/7113", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0138", datePublished: "2003-03-21T05:00:00", dateReserved: "2003-03-13T00:00:00", dateUpdated: "2024-08-08T01:43:36.035Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0391
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html | vendor-advisory, x_refsource_FREEBSD | |
http://www.osvdb.org/4876 | vdb-entry, x_refsource_OSVDB | |
http://www.redhat.com/support/errata/RHSA-2000-025.html | vendor-advisory, x_refsource_REDHAT | |
http://www.cert.org/advisories/CA-2000-06.html | third-party-advisory, x_refsource_CERT | |
http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1220 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:14:21.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "4876", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/4876", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1220", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-05-16T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "4876", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/4876", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1220", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0391", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FreeBSD-SA-00:20", refsource: "FREEBSD", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "4876", refsource: "OSVDB", url: "http://www.osvdb.org/4876", }, { name: "RHSA-2000:025", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", refsource: "BID", url: "http://www.securityfocus.com/bid/1220", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0391", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-06-14T00:00:00", dateUpdated: "2024-08-08T05:14:21.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-1999-1321
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814 | mailing-list, x_refsource_BUGTRAQ | |
http://www.osvdb.org/4883 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T17:11:02.751Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "19981105 security patch for ssh-1.2.26 kerberos code", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814", }, { name: "4883", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/4883", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "1998-11-05T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2002-03-01T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "19981105 security patch for ssh-1.2.26 kerberos code", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814", }, { name: "4883", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/4883", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-1999-1321", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "19981105 security patch for ssh-1.2.26 kerberos code", refsource: "BUGTRAQ", url: "http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814", }, { name: "4883", refsource: "OSVDB", url: "http://www.osvdb.org/4883", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-1999-1321", datePublished: "2002-03-09T05:00:00", dateReserved: "2001-08-31T00:00:00", dateUpdated: "2024-08-01T17:11:02.751Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-5354
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/71680 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1031376 | vdb-entry, x_refsource_SECTRACK | |
http://www.ubuntu.com/usn/USN-2498-1 | vendor-advisory, x_refsource_UBUNTU | |
https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T11:41:49.227Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2015:0542", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", }, { name: "71680", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/71680", }, { name: "1031376", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031376", }, { name: "USN-2498-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2498-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-11-19T00:00:00", descriptions: [ { lang: "en", value: "plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin \"add_principal -nokey\" or \"purgekeys -all\" command.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-30T16:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "openSUSE-SU-2015:0542", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", }, { name: "71680", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/71680", }, { name: "1031376", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031376", }, { name: "USN-2498-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2498-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-5354", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin \"add_principal -nokey\" or \"purgekeys -all\" command.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2015:0542", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", }, { name: "71680", refsource: "BID", url: "http://www.securityfocus.com/bid/71680", }, { name: "1031376", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031376", }, { name: "USN-2498-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2498-1", }, { name: "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-5354", datePublished: "2014-12-16T23:00:00", dateReserved: "2014-08-19T00:00:00", dateUpdated: "2024-08-06T11:41:49.227Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0392
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html | vendor-advisory, x_refsource_FREEBSD | |
http://www.redhat.com/support/errata/RHSA-2000-025.html | vendor-advisory, x_refsource_REDHAT | |
http://www.cert.org/advisories/CA-2000-06.html | third-party-advisory, x_refsource_CERT | |
http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1220 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:14:21.512Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1220", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-05-16T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FreeBSD-SA-00:20", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1220", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0392", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FreeBSD-SA-00:20", refsource: "FREEBSD", url: "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html", }, { name: "RHSA-2000:025", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-025.html", }, { name: "CA-2000-06", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-06.html", }, { name: "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html", }, { name: "1220", refsource: "BID", url: "http://www.securityfocus.com/bid/1220", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0392", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-06-14T00:00:00", dateUpdated: "2024-08-08T05:14:21.512Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0550
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.cert.org/advisories/CA-2000-11.html | third-party-advisory, x_refsource_CERT | |
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | mailing-list, x_refsource_BUGTRAQ | |
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | x_refsource_CONFIRM | |
http://www.redhat.com/support/errata/RHSA-2000-031.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/1465 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:21:31.202Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { name: "1465", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1465", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-06-09T00:00:00", descriptions: [ { lang: "en", value: "Kerberos 4 KDC program improperly frees memory twice (aka \"double-free\"), which allows remote attackers to cause a denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { name: "1465", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1465", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0550", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Kerberos 4 KDC program improperly frees memory twice (aka \"double-free\"), which allows remote attackers to cause a denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CA-2000-11", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", refsource: "CIAC", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { name: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { name: "1465", refsource: "BID", url: "http://www.securityfocus.com/bid/1465", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0550", datePublished: "2000-10-13T04:00:00", dateReserved: "2000-07-11T00:00:00", dateUpdated: "2024-08-08T05:21:31.202Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0139
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:36.020Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { name: "VU#442569", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/442569", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { name: "RHSA-2003:091", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "DSA-273", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-273", }, { name: "oval:org.mitre.oval:def:250", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A250", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "20030330 GLSA: openafs (200303-26)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/317130/30/25250/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-03-19T00:00:00", descriptions: [ { lang: "en", value: "Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and \"ticket splicing.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { name: "VU#442569", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/442569", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { name: "RHSA-2003:091", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "DSA-273", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-273", }, { name: "oval:org.mitre.oval:def:250", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A250", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "20030330 GLSA: openafs (200303-26)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/317130/30/25250/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0139", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and \"ticket splicing.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2003:052", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { name: "VU#442569", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/442569", }, { name: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt", }, { name: "RHSA-2003:091", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "DSA-273", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-273", }, { name: "oval:org.mitre.oval:def:250", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A250", }, { name: "RHSA-2003:051", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104791775804776&w=2", }, { name: "DSA-266", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-266", }, { name: "20030330 GLSA: openafs (200303-26)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/317130/30/25250/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0139", datePublished: "2003-03-21T05:00:00", dateReserved: "2003-03-13T00:00:00", dateUpdated: "2024-08-08T01:43:36.020Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0846
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:48:52.498Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20090701 VMSA-2009-0008 ESX Service Console update for krb5", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/504683/100/0/threaded", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "oval:org.mitre.oval:def:6301", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6301", }, { name: "MDVSA-2009:098", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "20090407 MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502527/100/0/threaded", }, { name: "ADV-2009-0960", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0960", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "35667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35667", }, { name: "RHSA-2009:0408", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2009-0008.html", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34637", }, { name: "SSRT100495", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "ADV-2009-2084", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/2084", }, { name: "oval:org.mitre.oval:def:10694", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10694", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35074", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34630", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "oval:org.mitre.oval:def:5483", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5483", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "34598", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34598", }, { name: "RHSA-2009:0409", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2009-0409.html", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34622", }, { name: "1021994", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021994", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { name: "RHSA-2009:0410", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2009-0410.html", }, { name: "[security-announce] 20090701 VMSA-2009-0008 ESX Service Console update for krb5", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2009/000059.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt", }, { name: "HPSBOV02682", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, { name: "HPSBUX02421", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { name: "34409", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34409", }, { name: "SSRT090047", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-04-07T00:00:00", descriptions: [ { lang: "en", value: "The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20090701 VMSA-2009-0008 ESX Service Console update for krb5", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/504683/100/0/threaded", }, { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "oval:org.mitre.oval:def:6301", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6301", }, { name: "MDVSA-2009:098", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "20090407 MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502527/100/0/threaded", }, { name: "ADV-2009-0960", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0960", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "35667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35667", }, { name: "RHSA-2009:0408", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2009-0008.html", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34637", }, { name: "SSRT100495", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "ADV-2009-2084", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/2084", }, { name: "oval:org.mitre.oval:def:10694", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10694", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35074", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34630", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "oval:org.mitre.oval:def:5483", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5483", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "34598", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34598", }, { name: "RHSA-2009:0409", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2009-0409.html", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34622", }, { name: "1021994", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021994", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { name: "RHSA-2009:0410", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2009-0410.html", }, { name: "[security-announce] 20090701 VMSA-2009-0008 ESX Service Console update for krb5", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2009/000059.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt", }, { name: "HPSBOV02682", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, { name: "HPSBUX02421", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { name: "34409", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34409", }, { name: "SSRT090047", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0846", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20090701 VMSA-2009-0008 ESX Service Console update for krb5", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/504683/100/0/threaded", }, { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "oval:org.mitre.oval:def:6301", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6301", }, { name: "MDVSA-2009:098", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "VU#662091", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "20090407 MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502527/100/0/threaded", }, { name: "ADV-2009-0960", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0960", }, { name: "http://support.apple.com/kb/HT3549", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT3549", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "35667", refsource: "SECUNIA", url: "http://secunia.com/advisories/35667", }, { name: "RHSA-2009:0408", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2009-0008.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2009-0008.html", }, { name: "34637", refsource: "SECUNIA", url: "http://secunia.com/advisories/34637", }, { name: "SSRT100495", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "ADV-2009-2084", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/2084", }, { name: "oval:org.mitre.oval:def:10694", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10694", }, { name: "34640", refsource: "SECUNIA", url: "http://secunia.com/advisories/34640", }, { name: "35074", refsource: "SECUNIA", url: "http://secunia.com/advisories/35074", }, { name: "256728", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "GLSA-200904-09", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", refsource: "SECUNIA", url: "http://secunia.com/advisories/34630", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "oval:org.mitre.oval:def:5483", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5483", }, { name: "ADV-2009-1057", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1057", }, { name: "34617", refsource: "SECUNIA", url: "http://secunia.com/advisories/34617", }, { name: "34628", refsource: "SECUNIA", url: "http://secunia.com/advisories/34628", }, { name: "34734", refsource: "SECUNIA", url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", refsource: "MISC", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "34598", refsource: "SECUNIA", url: "http://secunia.com/advisories/34598", }, { name: "RHSA-2009:0409", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2009-0409.html", }, { name: "ADV-2009-1297", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", refsource: "SECUNIA", url: "http://secunia.com/advisories/34622", }, { name: "1021994", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021994", }, { name: "FEDORA-2009-2852", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "FEDORA-2009-2834", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { name: "RHSA-2009:0410", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2009-0410.html", }, { name: "[security-announce] 20090701 VMSA-2009-0008 ESX Service Console update for krb5", refsource: "MLIST", url: "http://lists.vmware.com/pipermail/security-announce/2009/000059.html", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt", }, { name: "HPSBOV02682", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497213107107&w=2", }, { name: "34594", refsource: "SECUNIA", url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1106", }, { name: "HPSBUX02421", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, { name: "34409", refsource: "BID", url: "http://www.securityfocus.com/bid/34409", }, { name: "SSRT090047", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=124896429301168&w=2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0846", datePublished: "2009-04-09T00:00:00", dateReserved: "2009-03-06T00:00:00", dateUpdated: "2024-08-07T04:48:52.498Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0548
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.cert.org/advisories/CA-2000-11.html | third-party-advisory, x_refsource_CERT | |
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | mailing-list, x_refsource_BUGTRAQ | |
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | x_refsource_CONFIRM | |
http://www.redhat.com/support/errata/RHSA-2000-031.html | vendor-advisory, x_refsource_REDHAT | |
http://www.osvdb.org/4875 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:21:31.013Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { name: "4875", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/4875", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-06-09T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-09-02T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { name: "4875", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/4875", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0548", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CA-2000-11", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", refsource: "CIAC", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { name: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, { name: "RHSA-2000:031", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2000-031.html", }, { name: "4875", refsource: "OSVDB", url: "http://www.osvdb.org/4875", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0548", datePublished: "2000-10-13T04:00:00", dateReserved: "2000-07-11T00:00:00", dateUpdated: "2024-08-08T05:21:31.013Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11368
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970 | x_refsource_CONFIRM | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/ | vendor-advisory, x_refsource_FEDORA | |
https://access.redhat.com/errata/RHSA-2018:0666 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/100291 | vdb-entry, x_refsource_BID | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:05:30.590Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970", }, { name: "FEDORA-2017-e5b36383f4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/", }, { name: "RHSA-2018:0666", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0666", }, { name: "100291", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/100291", }, { name: "FEDORA-2017-8e9d9771c4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-13T00:00:00", descriptions: [ { lang: "en", value: "In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-04-11T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970", }, { name: "FEDORA-2017-e5b36383f4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/", }, { name: "RHSA-2018:0666", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0666", }, { name: "100291", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/100291", }, { name: "FEDORA-2017-8e9d9771c4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11368", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970", }, { name: "FEDORA-2017-e5b36383f4", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/", }, { name: "RHSA-2018:0666", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0666", }, { name: "100291", refsource: "BID", url: "http://www.securityfocus.com/bid/100291", }, { name: "FEDORA-2017-8e9d9771c4", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11368", datePublished: "2017-08-09T18:00:00", dateReserved: "2017-07-17T00:00:00", dateUpdated: "2024-08-05T18:05:30.590Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-5709
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow | x_refsource_MISC | |
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:40:51.202Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { name: "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-16T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry->n_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-25T16:06:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { name: "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-5709", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry->n_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", refsource: "MISC", url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow", }, { name: "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-5709", datePublished: "2018-01-16T09:00:00", dateReserved: "2018-01-16T00:00:00", dateUpdated: "2024-08-05T05:40:51.202Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0082
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:35.215Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { name: "7185", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/7185", }, { name: "RHSA-2003:091", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "oval:org.mitre.oval:def:4430", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4430", }, { name: "oval:org.mitre.oval:def:244", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A244", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "54042", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { name: "oval:org.mitre.oval:def:2536", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2536", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-03-19T00:00:00", descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka \"buffer underrun\").", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { name: "7185", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/7185", }, { name: "RHSA-2003:091", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "oval:org.mitre.oval:def:4430", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4430", }, { name: "oval:org.mitre.oval:def:244", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A244", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "54042", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { name: "oval:org.mitre.oval:def:2536", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2536", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0082", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka \"buffer underrun\").", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2003:052", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { name: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { name: "7185", refsource: "BID", url: "http://www.securityfocus.com/bid/7185", }, { name: "RHSA-2003:091", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-091.html", }, { name: "oval:org.mitre.oval:def:4430", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4430", }, { name: "oval:org.mitre.oval:def:244", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A244", }, { name: "RHSA-2003:051", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "DSA-266", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-266", }, { name: "54042", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, { name: "oval:org.mitre.oval:def:2536", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2536", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0082", datePublished: "2003-03-26T05:00:00", dateReserved: "2003-02-10T00:00:00", dateUpdated: "2024-08-08T01:43:35.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0547
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.cert.org/advisories/CA-2000-11.html | third-party-advisory, x_refsource_CERT | |
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://www.securityfocus.com/bid/1338 | vdb-entry, x_refsource_BID | |
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | mailing-list, x_refsource_BUGTRAQ | |
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:21:31.011Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "1338", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1338", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-06-09T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2002-07-23T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "1338", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1338", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0547", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CA-2000-11", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", refsource: "CIAC", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "1338", refsource: "BID", url: "http://www.securityfocus.com/bid/1338", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { name: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0547", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-07-11T00:00:00", dateUpdated: "2024-08-08T05:21:31.011Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-0072
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.redhat.com/support/errata/RHSA-2003-052.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/archive/1/316960/30/25250/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt | x_refsource_CONFIRM | |
http://www.redhat.com/support/errata/RHSA-2003-051.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/7184 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2003/dsa-266 | vendor-advisory, x_refsource_DEBIAN | |
http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1 | vendor-advisory, x_refsource_SUNALERT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:35.113Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "7184", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/7184", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "54042", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-03-19T00:00:00", descriptions: [ { lang: "en", value: "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka \"array overrun\").", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2003:052", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { name: "RHSA-2003:051", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "7184", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/7184", }, { name: "DSA-266", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-266", }, { name: "54042", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0072", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka \"array overrun\").", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2003:052", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-052.html", }, { name: "20030331 GLSA: krb5 & mit-krb5 (200303-28)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316960/30/25250/threaded", }, { name: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", }, { name: "RHSA-2003:051", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-051.html", }, { name: "7184", refsource: "BID", url: "http://www.securityfocus.com/bid/7184", }, { name: "DSA-266", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-266", }, { name: "54042", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0072", datePublished: "2003-03-26T05:00:00", dateReserved: "2003-02-04T00:00:00", dateUpdated: "2024-08-08T01:43:35.113Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2000-0546
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.cert.org/advisories/CA-2000-11.html | third-party-advisory, x_refsource_CERT | |
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://www.securityfocus.com/bid/1338 | vdb-entry, x_refsource_BID | |
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | mailing-list, x_refsource_BUGTRAQ | |
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T05:21:31.148Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "1338", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/1338", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2000-06-09T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2002-07-23T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "CA-2000-11", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "1338", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/1338", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2000-0546", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "CA-2000-11", refsource: "CERT", url: "http://www.cert.org/advisories/CA-2000-11.html", }, { name: "K-051", refsource: "CIAC", url: "http://ciac.llnl.gov/ciac/bulletins/k-051.shtml", }, { name: "1338", refsource: "BID", url: "http://www.securityfocus.com/bid/1338", }, { name: "20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html", }, { name: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2000-0546", datePublished: "2000-07-12T04:00:00", dateReserved: "2000-07-11T00:00:00", dateUpdated: "2024-08-08T05:21:31.148Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2001-0417
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html | mailing-list, x_refsource_BUGTRAQ | |
http://www.redhat.com/support/errata/RHSA-2001-025.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T04:21:37.901Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20010307 Security advisory: Unsafe temporary file handling in krb4", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html", }, { name: "RHSA-2001:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2001-025.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2001-03-07T00:00:00", descriptions: [ { lang: "en", value: "Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2002-04-27T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20010307 Security advisory: Unsafe temporary file handling in krb4", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html", }, { name: "RHSA-2001:025", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2001-025.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2001-0417", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20010307 Security advisory: Unsafe temporary file handling in krb4", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html", }, { name: "RHSA-2001:025", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2001-025.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2001-0417", datePublished: "2001-05-24T04:00:00", dateReserved: "2001-05-24T00:00:00", dateUpdated: "2024-08-08T04:21:37.901Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-5710
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:40:51.143Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service%28DoS%29", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-16T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function \"strlen\" is getting a \"NULL\" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-16T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service%28DoS%29", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-5710", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function \"strlen\" is getting a \"NULL\" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)", refsource: "MISC", url: "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-5710", datePublished: "2018-01-16T09:00:00", dateReserved: "2018-01-16T00:00:00", dateUpdated: "2024-08-05T05:40:51.143Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0844
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:48:52.434Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "MDVSA-2009:098", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "ADV-2009-0960", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0960", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "RHSA-2009:0408", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34637", }, { name: "oval:org.mitre.oval:def:9474", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9474", }, { name: "34408", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34408", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35074", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "oval:org.mitre.oval:def:6339", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6339", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34630", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34622", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "1021867", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021867", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-04-07T00:00:00", descriptions: [ { lang: "en", value: "The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "MDVSA-2009:098", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "ADV-2009-0960", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0960", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT3549", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "RHSA-2009:0408", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "34637", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34637", }, { name: "oval:org.mitre.oval:def:9474", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9474", }, { name: "34408", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34408", }, { name: "34640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34640", }, { name: "35074", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35074", }, { name: "256728", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "oval:org.mitre.oval:def:6339", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6339", }, { name: "GLSA-200904-09", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { tags: [ "x_refsource_MISC", ], url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34630", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1057", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34617", }, { name: "34628", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34628", }, { name: "34734", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { tags: [ "x_refsource_MISC", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34622", }, { name: "FEDORA-2009-2852", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "1021867", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021867", }, { name: "FEDORA-2009-2834", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1106", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0844", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047181.html", }, { name: "MDVSA-2009:098", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:098", }, { name: "20090407 MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502526/100/0/threaded", }, { name: "VU#662091", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/662091", }, { name: "ADV-2009-0960", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0960", }, { name: "http://support.apple.com/kb/HT3549", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT3549", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-142.htm", }, { name: "RHSA-2009:0408", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2009-0408.html", }, { name: "34637", refsource: "SECUNIA", url: "http://secunia.com/advisories/34637", }, { name: "oval:org.mitre.oval:def:9474", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9474", }, { name: "34408", refsource: "BID", url: "http://www.securityfocus.com/bid/34408", }, { name: "34640", refsource: "SECUNIA", url: "http://secunia.com/advisories/34640", }, { name: "35074", refsource: "SECUNIA", url: "http://secunia.com/advisories/35074", }, { name: "256728", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256728-1", }, { name: "oval:org.mitre.oval:def:6339", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6339", }, { name: "GLSA-200904-09", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200904-09.xml", }, { name: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", refsource: "MISC", url: "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5047180.html", }, { name: "ADV-2009-0976", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0976", }, { name: "APPLE-SA-2009-05-12", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", }, { name: "USN-755-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/usn-755-1", }, { name: "34630", refsource: "SECUNIA", url: "http://secunia.com/advisories/34630", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21396120", }, { name: "ADV-2009-1057", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1057", }, { name: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", refsource: "CONFIRM", url: "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt", }, { name: "34617", refsource: "SECUNIA", url: "http://secunia.com/advisories/34617", }, { name: "34628", refsource: "SECUNIA", url: "http://secunia.com/advisories/34628", }, { name: "34734", refsource: "SECUNIA", url: "http://secunia.com/advisories/34734", }, { name: "ADV-2009-2248", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/2248", }, { name: "TA09-133A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", refsource: "MISC", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0058", }, { name: "ADV-2009-1297", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1297", }, { name: "34622", refsource: "SECUNIA", url: "http://secunia.com/advisories/34622", }, { name: "FEDORA-2009-2852", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00206.html", }, { name: "1021867", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021867", }, { name: "FEDORA-2009-2834", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00205.html", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0058", }, { name: "20090407 rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/502546/100/0/threaded", }, { name: "34594", refsource: "SECUNIA", url: "http://secunia.com/advisories/34594", }, { name: "ADV-2009-1106", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1106", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0844", datePublished: "2009-04-09T00:00:00", dateReserved: "2009-03-06T00:00:00", dateUpdated: "2024-08-07T04:48:52.434Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-6800
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d | x_refsource_CONFIRM | |
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/63770 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:46:23.610Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757", }, { name: "63770", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/63770", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-11-04T00:00:00", descriptions: [ { lang: "en", value: "An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-04T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757", }, { name: "63770", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/63770", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-6800", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d", refsource: "CONFIRM", url: "https://github.com/krb5/krb5/commit/c2ccf4197f697c4ff143b8a786acdd875e70a89d", }, { name: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757", refsource: "CONFIRM", url: "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757", }, { name: "63770", refsource: "BID", url: "http://www.securityfocus.com/bid/63770", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-6800", datePublished: "2013-11-16T11:00:00", dateReserved: "2013-11-15T00:00:00", dateUpdated: "2024-08-06T17:46:23.610Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-1999-0143
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T16:27:57.749Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-17T06:46:52", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-1999-0143", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143", refsource: "MISC", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-1999-0143", datePublished: "1999-09-29T04:00:00", dateReserved: "1999-06-07T00:00:00", dateUpdated: "2024-08-01T16:27:57.749Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }