Search...

Solaris Update for rpcsec_gss 126928-02

2009-06-03T00:00:00

ID OPENVAS:1361412562310855158
Type openvas
Reporter Copyright (C) 2009 Greenbone Networks GmbH
Modified 2018-04-06T00:00:00

Description

Check for the Version of rpcsec_gss

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Solaris Update for rpcsec_gss 126928-02
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_affected = "rpcsec_gss on solaris_5.8_sparc";
tag_insight = "The remote host is missing a patch containing a security fix,
  which affects the following component(s): 
  rpcsec_gss
  For more information please visit the below reference link.";
tag_solution = "Please Install the Updated Packages.";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.855158");
  script_version("$Revision: 9370 $");
  script_cve_id("CVE-2007-3999");
  script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $");
  script_tag(name:"creation_date", value:"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name: "SUNSolve", value: "126928-02");
  script_name( "Solaris Update for rpcsec_gss 126928-02");

  script_xref(name : "URL" , value : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126928-02-1");

  script_tag(name:"summary", value:"Check for the Version of rpcsec_gss");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Solaris Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/solosversion");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("solaris.inc");

release = get_kb_item("ssh/login/solosversion");

if(release == NULL){
  exit(0);
}

if(solaris_check_patch(release:"5.8", arch:"sparc", patch:"126928-02", package:"SUNWrsg SUNWrsgx SUNWrsgk") &lt; 0)
{
  security_message(0);
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310855158", "type": "openvas", "bulletinFamily": "scanner", "title": "Solaris Update for rpcsec_gss 126928-02", "description": "Check for the Version of rpcsec_gss", "published": "2009-06-03T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855158", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["126928-02", "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126928-02-1"], "cvelist": ["CVE-2007-3999"], "lastseen": "2018-04-09T11:40:40", "viewCount": 1, "enchantments": {"score": {"value": 8.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2007:0858", "CESA-2007:0892", "CESA-2007:0913", "CESA-2007:0951"]}, {"type": "cert", "idList": ["VU:883632"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2007-126"]}, {"type": "cve", "idList": ["CVE-2007-3999", "CVE-2007-4743"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1367-1:8D223", "DEBIAN:DSA-1367-2:5B35E", "DEBIAN:DSA-1368-1:B3AD4", "DEBIAN:DSA-1387-1:AFB79"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2007-3999", "DEBIANCVE:CVE-2007-4743"]}, {"type": "fedora", "idList": ["FEDORA:L84LSHKJ025738", "FEDORA:L84MDMEP030074", "FEDORA:L87GHKOH024917", "FEDORA:L87HKEOO000802", "FEDORA:M26GAWJI013140", "FEDORA:M2LMMNJ4021372"]}, {"type": "gentoo", "idList": ["GLSA-200709-01", "GLSA-200710-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2007-3999/", "MSF:ILITIES/LINUXRPM-CESA-2007-0951/", "MSF:ILITIES/LINUXRPM-RHSA-2007-0858/", "MSF:ILITIES/UBUNTU-USN-511-1/"]}, {"type": "nessus", "idList": ["4284.PRM", "CENTOS_RHSA-2007-0858.NASL", "CENTOS_RHSA-2007-0892.NASL", "CENTOS_RHSA-2007-0913.NASL", "CENTOS_RHSA-2007-0951.NASL", "DEBIAN_DSA-1367.NASL", "DEBIAN_DSA-1368.NASL", "FEDORA_2007-2017.NASL", "FEDORA_2008-1017.NASL", "GENTOO_GLSA-200709-01.NASL", "GENTOO_GLSA-200710-01.NASL", "MACOSX_10_4_11.NASL", "MANDRAKE_MDKSA-2007-174.NASL", "MANDRAKE_MDKSA-2007-181.NASL", "ORACLELINUX_ELSA-2007-0858.NASL", "ORACLELINUX_ELSA-2007-0892.NASL", "ORACLELINUX_ELSA-2007-0913.NASL", "ORACLELINUX_ELSA-2007-0951.NASL", "REDHAT-RHSA-2007-0858.NASL", "REDHAT-RHSA-2007-0892.NASL", "REDHAT-RHSA-2007-0913.NASL", "REDHAT-RHSA-2007-0951.NASL", "SL_20070904_KRB5_ON_SL5_X.NASL", "SL_20070919_NFS_UTILS_LIB_ON_SL4_X.NASL", "SL_20071004_NFS_UTILS_LIB_ON_SL5_X.NASL", "SOLARIS10_126661.NASL", "SOLARIS10_X86_126662.NASL", "SOLARIS8_126928.NASL", "SOLARIS8_X86_126929.NASL", "SOLARIS9_113318.NASL", "SOLARIS9_X86_117468.NASL", "SUSE_KRB5-4191.NASL", "SUSE_KRB5-4192.NASL", "SUSE_LIBRPCSECGSS-4600.NASL", "SUSE_LIBRPCSECGSS-4601.NASL", "UBUNTU_USN-511-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065954", "OPENVAS:1361412562310830034", "OPENVAS:1361412562310830272", "OPENVAS:1361412562310830306", "OPENVAS:1361412562310855503", "OPENVAS:58587", "OPENVAS:58588", "OPENVAS:58589", "OPENVAS:58599", "OPENVAS:58649", "OPENVAS:58670", "OPENVAS:65954", "OPENVAS:830034", "OPENVAS:830272", "OPENVAS:830306", "OPENVAS:840047", "OPENVAS:855158", "OPENVAS:855503", "OPENVAS:860003", "OPENVAS:860852", "OPENVAS:861237", "OPENVAS:861241", "OPENVAS:861477", "OPENVAS:861526"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-0858", "ELSA-2007-0892", "ELSA-2007-0913", "ELSA-2007-0951"]}, {"type": "redhat", "idList": ["RHSA-2007:0858", "RHSA-2007:0892", "RHSA-2007:0913", "RHSA-2007:0951"]}, {"type": "saint", "idList": ["SAINT:1F1FEA144C05EC87A9DD8734EB048689", "SAINT:401232C1024DF63F0E21DAEE9A92482F", "SAINT:7F8A383884D03944BEBA710BB9BDB5A4", "SAINT:B2FAAF96F724892FF09F8E2FBC95C803"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:17996", "SECURITYVULNS:VULN:8119"]}, {"type": "ubuntu", "idList": ["USN-511-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-3999"]}, {"type": "zdi", "idList": ["ZDI-07-052"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2007:0858", "CESA-2007:0892", "CESA-2007:0913", "CESA-2007:0951"]}, {"type": "cve", "idList": ["CVE-2007-3999"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1368-1:B3AD4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2007-3999"]}, {"type": "fedora", "idList": ["FEDORA:M2LMMNJ4021372"]}, {"type": "gentoo", "idList": ["GLSA-200709-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/UBUNTU-USN-511-1/"]}, {"type": "nessus", "idList": ["SL_20070919_NFS_UTILS_LIB_ON_SL4_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:58587", "OPENVAS:58589"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-0858", "ELSA-2007-0892", "ELSA-2007-0913", "ELSA-2007-0951"]}, {"type": "redhat", "idList": ["RHSA-2007:0858", "RHSA-2007:0892", "RHSA-2007:0913", "RHSA-2007:0951"]}, {"type": "saint", "idList": ["SAINT:401232C1024DF63F0E21DAEE9A92482F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:8119"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-3999"]}]}, "exploitation": null, "vulnersScore": 8.8}, "pluginID": "1361412562310855158", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for rpcsec_gss 126928-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"rpcsec_gss on solaris_5.8_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n rpcsec_gss\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855158\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"126928-02\");\n script_name( \"Solaris Update for rpcsec_gss 126928-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-126928-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of rpcsec_gss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"126928-02\", package:\"SUNWrsg SUNWrsgx SUNWrsgk\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "naslFamily": "Solaris Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}

{"securityvulns": [{"lastseen": "2018-08-31T11:09:26", "description": "Buffer overflow on oversized string in RPC library svcauth_gss_validate() function.", "edition": 1, "cvss3": {}, "published": "2007-09-13T00:00:00", "title": "MIT Kerberos buffer overflow", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-13T00:00:00", "id": "SECURITYVULNS:VULN:8119", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8119", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:23", "description": "ZDI-07-052: Multiple Kerberos Implementations Authentication Context\r\n Stack Overflow Vulnerability\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-052.html\r\nSeptember 12, 2007\r\n\r\n-- CVE ID:\r\nCVE-2007-3999\r\n\r\n-- Affected Vendor:\r\nMIT\r\n\r\n-- Affected Products:\r\nMIT Kerberos krb5-1.6.2\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability since September 7, 2007 by Digital Vaccine protection\r\nfilter ID 5503. For further product information on the TippingPoint IPS:\r\n\r\n http://www.tippingpoint.com \r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of MIT Kerberos. Authentication is not\r\nrequired to exploit this vulnerability.\r\n\r\nThe specific flaw exists in the svcauth_gss_validate() function. By\r\nsending a large authentication context over RPC, a stack based buffer\r\noverflow occurs, resulting in a situation allowing for remote code\r\nexecution.\r\n\r\nThe vulnerable line of the function is: \r\n memcpy((caddr_t)buf, oa->oa_base, oa->oa_length);\r\n\r\nIf 128 < oa->oa_length < 400, the exploitable situation occurs. Over\r\n400 bytes is caught during a separate check for MAX_AUTH_SIZE earlier\r\nin the RPC packet decoding process.\r\n\r\n-- Vendor Response:\r\nMIT has issued an update to correct this vulnerability. More details can\r\nbe found at:\r\n\r\nhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-006.txt\r\n\r\n-- Disclosure Timeline:\r\n2007.07.20 - Vulnerability reported to vendor\r\n2007.09.07 - Digital Vaccine released to TippingPoint customers\r\n2007.09.07 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by Tenable Network Security.\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, a division of 3Com, The Zero Day Initiative\r\n(ZDI) represents a best-of-breed model for rewarding security\r\nresearchers for responsibly disclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is used.\r\n3Com does not re-sell the vulnerability details or any exploit code.\r\nInstead, upon notifying the affected product vendor, 3Com provides its\r\ncustomers with zero day protection through its intrusion prevention\r\ntechnology. Explicit details regarding the specifics of the\r\nvulnerability are not exposed to any parties until an official vendor\r\npatch is publicly available. Furthermore, with the altruistic aim of\r\nhelping to secure a broader user base, 3Com provides this vulnerability\r\ninformation confidentially to security vendors (including competitors)\r\nwho have a vulnerability protection or mitigation product.", "edition": 1, "cvss3": {}, "published": "2007-09-13T00:00:00", "title": "ZDI-07-052: Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-13T00:00:00", "id": "SECURITYVULNS:DOC:17996", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:17996", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-04-09T11:40:16", "description": "Check for the Version of librpcsecgss", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for librpcsecgss MDKSA-2007:181 (librpcsecgss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830306", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830306", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for librpcsecgss MDKSA-2007:181 (librpcsecgss)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack buffer overflow vulnerability was discovered in the RPCSEC_GSS\n RPC library by Tenable Network Security that could potentially allow\n for the execution of arbitrary code.\n\n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"librpcsecgss on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-09/msg00012.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830306\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:181\");\n script_cve_id(\"CVE-2007-3999\");\n script_name( \"Mandriva Update for librpcsecgss MDKSA-2007:181 (librpcsecgss)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of librpcsecgss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss3\", rpm:\"librpcsecgss3~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss3-devel\", rpm:\"librpcsecgss3-devel~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss\", rpm:\"librpcsecgss~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss3\", rpm:\"lib64rpcsecgss3~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss3-devel\", rpm:\"lib64rpcsecgss3-devel~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss2\", rpm:\"librpcsecgss2~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss2-devel\", rpm:\"librpcsecgss2-devel~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss\", rpm:\"librpcsecgss~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss2\", rpm:\"lib64rpcsecgss2~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss2-devel\", rpm:\"lib64rpcsecgss2-devel~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:54", "description": "The remote host is missing an update to librpcsecgss\nannounced via advisory DSA 1368-1.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1368-1 (librpcsecgss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:58588", "href": "http://plugins.openvas.org/nasl.php?oid=58588", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1368_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1368-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that a buffer overflow of the library for secure RPC\ncommunication over the rpcsec_gss protocol allows the execution of\narbitrary code.\n\nThe oldstable distribution (sarge) doesn't contain librpcsecgss.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.14-2etch1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your librpcsecgss packages.\";\ntag_summary = \"The remote host is missing an update to librpcsecgss\nannounced via advisory DSA 1368-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201368-1\";\n\nif(description)\n{\n script_id(58588);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1368-1 (librpcsecgss)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"librpcsecgss-dev\", ver:\"0.14-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"librpcsecgss3\", ver:\"0.14-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:04", "description": "The remote host is missing updates announced in\nadvisory GLSA 200710-01.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200710-01 (librcpsecgss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:58649", "href": "http://plugins.openvas.org/nasl.php?oid=58649", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow vulnerability has been discovered in librpcsecgss.\";\ntag_solution = \"All librpcsecgss users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/librpcsecgss-0.16'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200710-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=191479\nhttp://www.gentoo.org/security/en/glsa/glsa-200709-01.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200710-01.\";\n\n \n\nif(description)\n{\n script_id(58649);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200710-01 (librcpsecgss)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-libs/librpcsecgss\", unaffected: make_list(\"ge 0.16\"), vulnerable: make_list(\"lt 0.16\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:19", "description": "Check for the Version of rpcsec_gss", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for rpcsec_gss 126929-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855503", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855503", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for rpcsec_gss 126929-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"rpcsec_gss on solaris_5.8_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n rpcsec_gss\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855503\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"126929-02\");\n script_name( \"Solaris Update for rpcsec_gss 126929-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-126929-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of rpcsec_gss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"i386\", patch:\"126929-02\", package:\"SUNWrsg SUNWrsgk SUNWcsr\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:37", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-511-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for krb5, librpcsecgss vulnerability USN-511-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840047", "href": "http://plugins.openvas.org/nasl.php?oid=840047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_511_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for krb5, librpcsecgss vulnerability USN-511-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the libraries handling RPCSEC_GSS did not correctly\n validate the size of certain packet structures. An unauthenticated remote\n user could send a specially crafted request and execute arbitrary code\n with root privileges.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-511-1\";\ntag_affected = \"krb5, librpcsecgss vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-511-1/\");\n script_id(840047);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"511-1\");\n script_cve_id(\"CVE-2007-3999\");\n script_name( \"Ubuntu Update for krb5, librpcsecgss vulnerability USN-511-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"librpcsecgss-dev\", ver:\"0.14-2ubuntu1.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"librpcsecgss3\", ver:\"0.14-2ubuntu1.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.4.4-5ubuntu3.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"librpcsecgss-dev\", ver:\"0.7-0ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"librpcsecgss1\", ver:\"0.7-0ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.4.3-5ubuntu0.5\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"librpcsecgss-dev\", ver:\"0.13-2ubuntu0.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"librpcsecgss2\", ver:\"0.13-2ubuntu0.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.4.3-9ubuntu1.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:02", "description": "The remote host is missing an update to krb5\nannounced via advisory DSA 1367-1.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1367-1 (krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:58587", "href": "http://plugins.openvas.org/nasl.php?oid=58587", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1367_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1367-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that a buffer overflow of the RPC library of the MIT\nKerberos reference implementation allows the execution of arbitrary code.\n\nThe oldstable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 1.4.4-7etch3.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.6.dfsg.1-7.\n\nWe recommend that you upgrade your Kerberos packages.\";\ntag_summary = \"The remote host is missing an update to krb5\nannounced via advisory DSA 1367-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201367-1\";\n\nif(description)\n{\n script_id(58587);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1367-1 (krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.4.4-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:41", "description": "The remote host is missing an update to krb5\nannounced via advisory DSA 1367-2.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1367-2 (krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:58589", "href": "http://plugins.openvas.org/nasl.php?oid=58589", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1367_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1367-2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that a buffer overflow of the RPC library of the MIT\nKerberos reference implementation allows the execution of arbitrary code.\nThe original patch from DSA-1367-1 didn't address the problem fully.\nThis update delivers an updated fix.\n\nThe oldstable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 1.4.4-7etch4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your Kerberos packages.\";\ntag_summary = \"The remote host is missing an update to krb5\nannounced via advisory DSA 1367-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201367-2\";\n\nif(description)\n{\n script_id(58589);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1367-2 (krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"krb5-doc\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-admin-server\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-clients\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-ftpd\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-kdc\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-rsh-server\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-telnetd\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krb5-user\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm55\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dbg\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-dev\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb53\", ver:\"1.4.4-7etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:41", "description": "Check for the Version of librpcsecgss", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for librpcsecgss MDKSA-2007:181 (librpcsecgss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830306", "href": "http://plugins.openvas.org/nasl.php?oid=830306", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for librpcsecgss MDKSA-2007:181 (librpcsecgss)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack buffer overflow vulnerability was discovered in the RPCSEC_GSS\n RPC library by Tenable Network Security that could potentially allow\n for the execution of arbitrary code.\n\n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"librpcsecgss on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-09/msg00012.php\");\n script_id(830306);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:181\");\n script_cve_id(\"CVE-2007-3999\");\n script_name( \"Mandriva Update for librpcsecgss MDKSA-2007:181 (librpcsecgss)\");\n\n script_summary(\"Check for the Version of librpcsecgss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss3\", rpm:\"librpcsecgss3~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss3-devel\", rpm:\"librpcsecgss3-devel~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss\", rpm:\"librpcsecgss~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss3\", rpm:\"lib64rpcsecgss3~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss3-devel\", rpm:\"lib64rpcsecgss3-devel~0.14~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss2\", rpm:\"librpcsecgss2~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss2-devel\", rpm:\"librpcsecgss2-devel~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpcsecgss\", rpm:\"librpcsecgss~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss2\", rpm:\"lib64rpcsecgss2~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpcsecgss2-devel\", rpm:\"lib64rpcsecgss2-devel~0.12~2.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:49", "description": "Check for the Version of libtirpc", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for libtirpc FEDORA-2008-1017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860852", "href": "http://plugins.openvas.org/nasl.php?oid=860852", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libtirpc FEDORA-2008-1017\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This package contains SunLib's implementation of transport-independent\n RPC (TI-RPC) documentation. This library forms a piece of the base of\n Open Network Computing (ONC), and is derived directly from the\n Solaris 2.3 source.\n\n TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V\n Transport Layer Interface (TLI) or an equivalent X/Open Transport Interface\n (XTI). TI-RPC is on-the-wire compatible with the TS-RPC, which is supported\n by almost 70 vendors on all major operating systems. TS-RPC source code\n (RPCSRC 4.0) remains available from several internet sites.\";\n\ntag_affected = \"libtirpc on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html\");\n script_id(860852);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1017\");\n script_cve_id(\"CVE-2007-3999\");\n script_name( \"Fedora Update for libtirpc FEDORA-2008-1017\");\n\n script_summary(\"Check for the Version of libtirpc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"libtirpc\", rpm:\"libtirpc~0.1.7~15.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:08", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2007-694", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:861241", "href": "http://plugins.openvas.org/nasl.php?oid=861241", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2007-694\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora Core 6\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00140.html\");\n script_id(861241);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-694\");\n script_cve_id(\"CVE-2007-3999\");\n script_name( \"Fedora Update for krb5 FEDORA-2007-694\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/krb5-debuginfo\", rpm:\"x86_64/debug/krb5-debuginfo~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-workstation\", rpm:\"x86_64/krb5-workstation~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-server\", rpm:\"x86_64/krb5-server~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-libs\", rpm:\"x86_64/krb5-libs~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-devel\", rpm:\"x86_64/krb5-devel~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/krb5-debuginfo\", rpm:\"i386/debug/krb5-debuginfo~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-devel\", rpm:\"i386/krb5-devel~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-libs\", rpm:\"i386/krb5-libs~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-server\", rpm:\"i386/krb5-server~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-workstation\", rpm:\"i386/krb5-workstation~1.5~23.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:42", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n librpcsecgss\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for librpcsecgss", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65954", "href": "http://plugins.openvas.org/nasl.php?oid=65954", "sourceData": "#\n#VID slesp1-librpcsecgss-4601\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for librpcsecgss\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n librpcsecgss\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65954);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for librpcsecgss\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"librpcsecgss\", rpm:\"librpcsecgss~0.7~13.8\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:04", "description": "Check for the Version of rpcsec_gss", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for rpcsec_gss 126929-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855503", "href": "http://plugins.openvas.org/nasl.php?oid=855503", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for rpcsec_gss 126929-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"rpcsec_gss on solaris_5.8_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n rpcsec_gss\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855503);\n script_version(\"$Revision: 5359 $\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"126929-02\");\n script_name( \"Solaris Update for rpcsec_gss 126929-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-126929-02-1\");\n\n script_summary(\"Check for the Version of rpcsec_gss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"i386\", patch:\"126929-02\", package:\"SUNWrsg SUNWrsgk SUNWcsr\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:08", "description": "Check for the Version of rpcsec_gss", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "openvas", "title": "Solaris Update for rpcsec_gss 126928-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855158", "href": "http://plugins.openvas.org/nasl.php?oid=855158", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for rpcsec_gss 126928-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"rpcsec_gss on solaris_5.8_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n rpcsec_gss\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855158);\n script_version(\"$Revision: 5359 $\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:31:50 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"126928-02\");\n script_name( \"Solaris Update for rpcsec_gss 126928-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-126928-02-1\");\n\n script_summary(\"Check for the Version of rpcsec_gss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"126928-02\", package:\"SUNWrsg SUNWrsgx SUNWrsgk\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:43", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n librpcsecgss\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for librpcsecgss", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065954", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065954", "sourceData": "#\n#VID slesp1-librpcsecgss-4601\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for librpcsecgss\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n librpcsecgss\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65954\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for librpcsecgss\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"librpcsecgss\", rpm:\"librpcsecgss~0.7~13.8\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-30T10:46:25", "description": "The remote host is missing updates announced in\nadvisory GLSA 200709-01.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200709-01 (mit-krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4000", "CVE-2007-3999"], "modified": "2017-10-26T00:00:00", "id": "OPENVAS:58599", "href": "http://plugins.openvas.org/nasl.php?oid=58599", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Two vulnerabilities have been found in MIT Kerberos 5, which could allow a\nremote unauthenticated user to execute arbitrary code with root\nprivileges.\";\ntag_solution = \"All MIT Kerberos 5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.5.3-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200709-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=191301\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200709-01.\";\n\n \n\nif(description)\n{\n script_id(58599);\n script_version(\"$Revision: 7585 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-26 17:03:01 +0200 (Thu, 26 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200709-01 (mit-krb5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-crypt/mit-krb5\", unaffected: make_list(\"ge 1.5.3-r1\"), vulnerable: make_list(\"lt 1.5.3-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:45", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2007-690", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4000", "CVE-2007-3999"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:861477", "href": "http://plugins.openvas.org/nasl.php?oid=861477", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2007-690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora Core 6\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00100.html\");\n script_id(861477);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-690\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_name( \"Fedora Update for krb5 FEDORA-2007-690\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-workstation\", rpm:\"x86_64/krb5-workstation~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-libs\", rpm:\"x86_64/krb5-libs~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/krb5-debuginfo\", rpm:\"x86_64/debug/krb5-debuginfo~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-server\", rpm:\"x86_64/krb5-server~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/krb5-devel\", rpm:\"x86_64/krb5-devel~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-libs\", rpm:\"i386/krb5-libs~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-workstation\", rpm:\"i386/krb5-workstation~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-devel\", rpm:\"i386/krb5-devel~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/krb5-server\", rpm:\"i386/krb5-server~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/krb5-debuginfo\", rpm:\"i386/debug/krb5-debuginfo~1.5~22.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:34", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for krb5 MDKSA-2007:174 (krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4000", "CVE-2007-3999"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830034", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830034", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for krb5 MDKSA-2007:174 (krb5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack buffer overflow vulnerability was discovered in the RPC\n library used by Kerberos' kadmind program by Tenable Network Security.\n A remote unauthenticated user who could access kadmind would be\n able to trigger the flaw and cause it to crash (CVE-2007-3999).\n This issue is only applicable to Kerberos 1.4 and higher.\n\n Garrett Wollman found an uninitialized pointer vulnerability in\n kadmind which a remote unauthenticated attacker able to access\n kadmind could exploit to cause kadmind to crash (CVE-2007-4000).\n This issue is only applicable to Kerberos 1.5 and higher.\n \n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"krb5 on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-09/msg00002.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830034\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:174\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_name( \"Mandriva Update for krb5 MDKSA-2007:174 (krb5)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:05", "description": "The remote host is missing an update to librpcsecgss\nannounced via advisory DSA 1387-1.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1387-1 (librpcsecgss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4743", "CVE-2007-3999"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:58670", "href": "http://plugins.openvas.org/nasl.php?oid=58670", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1387_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1387-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It has been discovered that the original patch for a buffer overflow in\nsvc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5\n(CVE-2007-3999, DSA-1368-1) was insufficient to protect from arbitrary\ncode execution in some environments.\n\nThe old stable distribution (sarge) does not contain a librpcseggss\npackage.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.14-2etch3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.14-4.\n\nWe recommend that you upgrade your librpcsecgss package.\";\ntag_summary = \"The remote host is missing an update to librpcsecgss\nannounced via advisory DSA 1387-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201387-1\";\n\nif(description)\n{\n script_id(58670);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-4743\", \"CVE-2007-3999\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1387-1 (librpcsecgss)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"librpcsecgss3\", ver:\"0.14-2etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"librpcsecgss-dev\", ver:\"0.14-2etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:47", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for krb5 MDKSA-2007:174 (krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4000", "CVE-2007-3999"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830034", "href": "http://plugins.openvas.org/nasl.php?oid=830034", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for krb5 MDKSA-2007:174 (krb5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack buffer overflow vulnerability was discovered in the RPC\n library used by Kerberos' kadmind program by Tenable Network Security.\n A remote unauthenticated user who could access kadmind would be\n able to trigger the flaw and cause it to crash (CVE-2007-3999).\n This issue is only applicable to Kerberos 1.4 and higher.\n\n Garrett Wollman found an uninitialized pointer vulnerability in\n kadmind which a remote unauthenticated attacker able to access\n kadmind could exploit to cause kadmind to crash (CVE-2007-4000).\n This issue is only applicable to Kerberos 1.5 and higher.\n \n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"krb5 on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-09/msg00002.php\");\n script_id(830034);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:174\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_name( \"Mandriva Update for krb5 MDKSA-2007:174 (krb5)\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.5.2~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.4.3~7.2mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:30", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4743", "CVE-2007-4000", "CVE-2007-3999"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830272", "href": "http://plugins.openvas.org/nasl.php?oid=830272", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack buffer overflow vulnerability was discovered in the RPC\n library used by Kerberos' kadmind program by Tenable Network Security.\n A remote unauthenticated user who could access kadmind would be\n able to trigger the flaw and cause it to crash (CVE-2007-3999).\n This issue is only applicable to Kerberos 1.4 and higher.\n\n Garrett Wollman found an uninitialized pointer vulnerability in\n kadmind which a remote unauthenticated attacker able to access\n kadmind could exploit to cause kadmind to crash (CVE-2007-4000).\n This issue is only applicable to Kerberos 1.5 and higher.\n \n Update:\n \n The MIT Kerberos Team found a problem with the originally published\n patch for CVE-2007-3999. A remote unauthenticated attacker able to\n access kadmind could trigger this flaw and cause kadmind to crash.\n \n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"krb5 on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-09/msg00007.php\");\n script_id(830272);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:174-1\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\", \"CVE-2007-4743\");\n script_name( \"Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:46", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4743", "CVE-2007-4000", "CVE-2007-3999"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830272", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830272", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A stack buffer overflow vulnerability was discovered in the RPC\n library used by Kerberos' kadmind program by Tenable Network Security.\n A remote unauthenticated user who could access kadmind would be\n able to trigger the flaw and cause it to crash (CVE-2007-3999).\n This issue is only applicable to Kerberos 1.4 and higher.\n\n Garrett Wollman found an uninitialized pointer vulnerability in\n kadmind which a remote unauthenticated attacker able to access\n kadmind could exploit to cause kadmind to crash (CVE-2007-4000).\n This issue is only applicable to Kerberos 1.5 and higher.\n \n Update:\n \n The MIT Kerberos Team found a problem with the originally published\n patch for CVE-2007-3999. A remote unauthenticated attacker able to\n access kadmind could trigger this flaw and cause kadmind to crash.\n \n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"krb5 on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-09/msg00007.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830272\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:174-1\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\", \"CVE-2007-4743\");\n script_name( \"Mandriva Update for krb5 MDKSA-2007:174-1 (krb5)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.5.2~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"ftp-client-krb5\", rpm:\"ftp-client-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ftp-server-krb5\", rpm:\"ftp-server-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53\", rpm:\"libkrb53~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkrb53-devel\", rpm:\"libkrb53-devel~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-client-krb5\", rpm:\"telnet-client-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"telnet-server-krb5\", rpm:\"telnet-server-krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53\", rpm:\"lib64krb53~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64krb53-devel\", rpm:\"lib64krb53-devel~1.4.3~7.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:56", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2007-2017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2442", "CVE-2007-2798", "CVE-2007-0957", "CVE-2007-0956", "CVE-2007-1216", "CVE-2007-4000", "CVE-2007-2443", "CVE-2007-3999"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:861526", "href": "http://plugins.openvas.org/nasl.php?oid=861526", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2007-2017\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 7\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html\");\n script_id(861526);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-2017\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\", \"CVE-2007-2442\", \"CVE-2007-2443\", \"CVE-2007-2798\", \"CVE-2007-0956\", \"CVE-2007-0957\", \"CVE-2007-1216\");\n script_name( \"Fedora Update for krb5 FEDORA-2007-2017\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-servers\", rpm:\"krb5-workstation-servers~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-clients\", rpm:\"krb5-workstation-clients~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-servers\", rpm:\"krb5-workstation-servers~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-clients\", rpm:\"krb5-workstation-clients~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:17", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2007-2066", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2442", "CVE-2007-2798", "CVE-2007-4743", "CVE-2007-0957", "CVE-2007-0956", "CVE-2007-1216", "CVE-2007-4000", "CVE-2007-2443", "CVE-2007-3999"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:861237", "href": "http://plugins.openvas.org/nasl.php?oid=861237", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2007-2066\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 7\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00128.html\");\n script_id(861237);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-2066\");\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\", \"CVE-2007-2442\", \"CVE-2007-2443\", \"CVE-2007-2798\", \"CVE-2007-0956\", \"CVE-2007-0957\", \"CVE-2007-1216\", \"CVE-2007-4743\");\n script_name( \"Fedora Update for krb5 FEDORA-2007-2066\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-servers\", rpm:\"krb5-workstation-servers~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-clients\", rpm:\"krb5-workstation-clients~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server-ldap\", rpm:\"krb5-server-ldap~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-servers\", rpm:\"krb5-workstation-servers~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation-clients\", rpm:\"krb5-workstation-clients~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:33", "description": "Check for the Version of krb5", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for krb5 FEDORA-2008-2637", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0063", "CVE-2007-2442", "CVE-2007-2798", "CVE-2007-5901", "CVE-2008-0947", "CVE-2007-4743", "CVE-2007-0957", "CVE-2007-5971", "CVE-2007-0956", "CVE-2007-1216", "CVE-2007-4000", "CVE-2007-2443", "CVE-2007-3999", "CVE-2008-0062"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860003", "href": "http://plugins.openvas.org/nasl.php?oid=860003", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for krb5 FEDORA-2008-2637\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"krb5 on Fedora 7\";\ntag_insight = \"Kerberos V5 is a trusted-third-party network authentication system,\n which can improve your network's security by eliminating the insecure\n practice of cleartext passwords.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html\");\n script_id(860003);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-2637\");\n script_cve_id(\"CVE-2007-5971\", \"CVE-2007-5901\", \"CVE-2008-0062\", \"CVE-2008-0063\", \"CVE-2008-0947\", \"CVE-2007-3999\", \"CVE-2007-4743\", \"CVE-2007-4000\", \"CVE-2007-2442\", \"CVE-2007-2443\", \"CVE-2007-2798\", \"CVE-2007-0956\", \"CVE-2007-0957\", \"CVE-2007-1216\");\n script_name( \"Fedora Update for krb5 FEDORA-2008-2637\");\n\n script_summary(\"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.1~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-08-19T13:13:37", "description": "A stack-based buffer overflow vulnerability was discovered in the RPCSEC_GSS RPC library by Tenable Network Security that could potentially allow for the execution of arbitrary code.\n\nUpdated packages have been patched to prevent these issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-14T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : librpcsecgss (MDKSA-2007:181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64rpcsecgss2", "p-cpe:/a:mandriva:linux:lib64rpcsecgss2-devel", "p-cpe:/a:mandriva:linux:lib64rpcsecgss3", "p-cpe:/a:mandriva:linux:lib64rpcsecgss3-devel", "p-cpe:/a:mandriva:linux:librpcsecgss2", "p-cpe:/a:mandriva:linux:librpcsecgss2-devel", "p-cpe:/a:mandriva:linux:librpcsecgss3", "p-cpe:/a:mandriva:linux:librpcsecgss3-devel", "cpe:/o:mandriva:linux:2007", "cpe:/o:mandriva:linux:2007.1"], "id": "MANDRAKE_MDKSA-2007-181.NASL", "href": "https://www.tenable.com/plugins/nessus/26048", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:181. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26048);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_bugtraq_id(25534);\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n script_xref(name:\"MDKSA\", value:\"2007:181\");\n\n script_name(english:\"Mandrake Linux Security Advisory : librpcsecgss (MDKSA-2007:181)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack-based buffer overflow vulnerability was discovered in the\nRPCSEC_GSS RPC library by Tenable Network Security that could\npotentially allow for the execution of arbitrary code.\n\nUpdated packages have been patched to prevent these issues.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2007-07\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpcsecgss2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpcsecgss2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpcsecgss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64rpcsecgss3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpcsecgss2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpcsecgss2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpcsecgss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:librpcsecgss3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64rpcsecgss2-0.12-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64rpcsecgss2-devel-0.12-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"librpcsecgss2-0.12-2.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"librpcsecgss2-devel-0.12-2.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64rpcsecgss3-0.14-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64rpcsecgss3-devel-0.14-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"librpcsecgss3-0.14-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"librpcsecgss3-devel-0.14-1.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:36", "description": "Tenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nfs-utils-lib on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20070919_NFS_UTILS_LIB_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60253", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60253);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Scientific Linux Security Update : nfs-utils-lib on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 4 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0709&L=scientific-linux-errata&T=0&P=1514\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?105e1437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected nfs-utils-lib and / or nfs-utils-lib-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"nfs-utils-lib-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:30", "description": "An updated nfs-utils-lib package to correct a security flaw is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-24T00:00:00", "type": "nessus", "title": "CentOS 4 : nfs-utils-lib (CESA-2007:0913)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nfs-utils-lib", "p-cpe:/a:centos:centos:nfs-utils-lib-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2007-0913.NASL", "href": "https://www.tenable.com/plugins/nessus/26077", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0913 and \n# CentOS Errata and Security Advisory 2007:0913 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26077);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0913\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"CentOS 4 : nfs-utils-lib (CESA-2007:0913)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated nfs-utils-lib package to correct a security flaw is now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed\nby the commands and daemons of the nfs-utils package.\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 4 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\nwhich contains a backported patch that resolves this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014207.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84463253\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014233.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdc2494a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014234.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3d1d7c3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nfs-utils-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nfs-utils-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nfs-utils-lib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"nfs-utils-lib-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"nfs-utils-lib-1.0.6-8.z1.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"nfs-utils-lib-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nfs-utils-lib / nfs-utils-lib-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:09", "description": "This update fixes a security problem in the librpcsecgss library used by NFSv4 also found in krb5. A invalid packet could underflow and potentially cause memory corruption and code execution.\n(CVE-2007-3999)", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : librpcsecgss (ZYPP Patch Number 4601)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBRPCSECGSS-4601.NASL", "href": "https://www.tenable.com/plugins/nessus/29510", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29510);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"SuSE 10 Security Update : librpcsecgss (ZYPP Patch Number 4601)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security problem in the librpcsecgss library used\nby NFSv4 also found in krb5. A invalid packet could underflow and\npotentially cause memory corruption and code execution.\n(CVE-2007-3999)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3999.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4601.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"librpcsecgss-0.7-13.8\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"librpcsecgss-0.7-13.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:17", "description": "From Red Hat Security Advisory 2007:0913 :\n\nAn updated nfs-utils-lib package to correct a security flaw is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : nfs-utils-lib (ELSA-2007-0913)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nfs-utils-lib", "p-cpe:/a:oracle:linux:nfs-utils-lib-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2007-0913.NASL", "href": "https://www.tenable.com/plugins/nessus/67575", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0913 and \n# Oracle Linux Security Advisory ELSA-2007-0913 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67575);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0913\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Oracle Linux 4 : nfs-utils-lib (ELSA-2007-0913)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0913 :\n\nAn updated nfs-utils-lib package to correct a security flaw is now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed\nby the commands and daemons of the nfs-utils package.\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 4 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\nwhich contains a backported patch that resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-September/000331.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nfs-utils-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nfs-utils-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nfs-utils-lib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"nfs-utils-lib-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"nfs-utils-lib-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nfs-utils-lib / nfs-utils-lib-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:49", "description": "SunOS 5.8_x86: rpcsec_gss patch.\nDate this patch was last updated by Sun : Oct/19/07", "cvss3": {"score": null, "vector": null}, "published": "2007-07-02T00:00:00", "type": "nessus", "title": "Solaris 8 (x86) : 126929-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS8_X86_126929.NASL", "href": "https://www.tenable.com/plugins/nessus/25652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25652);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Solaris 8 (x86) : 126929-02\");\n script_summary(english:\"Check for patch 126929-02\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 126929-02\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.8_x86: rpcsec_gss patch.\nDate this patch was last updated by Sun : Oct/19/07\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://download.oracle.com/sunalerts/1000994.1.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.8_x86\", arch:\"i386\", patch:\"126929-02\", obsoleted_by:\"\", package:\"SUNWrsg\", version:\"11.8.0,REV=2000.01.08.18.17\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8_x86\", arch:\"i386\", patch:\"126929-02\", obsoleted_by:\"\", package:\"SUNWrsgk\", version:\"11.8.0,REV=2000.01.08.18.17\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8_x86\", arch:\"i386\", patch:\"126929-02\", obsoleted_by:\"\", package:\"SUNWcsr\", version:\"11.8.0,REV=2000.01.08.18.17\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:04", "description": "SunOS 5.10_x86: rpcsec patch.\nDate this patch was last updated by Sun : Oct/12/07", "cvss3": {"score": null, "vector": null}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 126662-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "SOLARIS10_X86_126662.NASL", "href": "https://www.tenable.com/plugins/nessus/27081", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(27081);\n script_version(\"1.26\");\n\n script_name(english: \"Solaris 10 (x86) : 126662-02\");\n script_cve_id(\"CVE-2007-3999\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 126662-02\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10_x86: rpcsec patch.\nDate this patch was last updated by Sun : Oct/12/07');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1000994.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,20);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/10/17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/09/04\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/09/04\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 126662-02\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:26:45", "description": "The originally-used patch for CVE-2007-3999 didn't completely fix the bug. This update includes the revised patch.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-09-14T00:00:00", "type": "nessus", "title": "Fedora Core 6 : krb5-1.5-23.fc6 (2007-694)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:krb5-debuginfo", "p-cpe:/a:fedoraproject:fedora:krb5-devel", "p-cpe:/a:fedoraproject:fedora:krb5-libs", "p-cpe:/a:fedoraproject:fedora:krb5-server", "p-cpe:/a:fedoraproject:fedora:krb5-workstation", "cpe:/o:fedoraproject:fedora_core:6"], "id": "FEDORA_2007-694.NASL", "href": "https://www.tenable.com/plugins/nessus/26036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-694.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26036);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2007-694\");\n\n script_name(english:\"Fedora Core 6 : krb5-1.5-23.fc6 (2007-694)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The originally-used patch for CVE-2007-3999 didn't completely fix the\nbug. This update includes the revised patch.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-September/003665.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8101fec1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"krb5-debuginfo-1.5-23.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-devel-1.5-23.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-libs-1.5-23.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-server-1.5-23.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-workstation-1.5-23.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-server / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T13:13:11", "description": "SunOS 5.10: rpcsec patch.\nDate this patch was last updated by Sun : Oct/12/07", "cvss3": {"score": null, "vector": null}, "published": "2007-09-25T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 126661-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "SOLARIS10_126661.NASL", "href": "https://www.tenable.com/plugins/nessus/26162", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(26162);\n script_version(\"1.30\");\n\n script_name(english: \"Solaris 10 (sparc) : 126661-02\");\n script_cve_id(\"CVE-2007-3999\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 126661-02\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10: rpcsec patch.\nDate this patch was last updated by Sun : Oct/12/07');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1000994.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,20);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/09/25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/09/04\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/09/04\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 126661-02\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:11:07", "description": "- Thu Jan 24 2008 Steve Dickson <steved at redhat.com> 0.1.7-15\n\n - Protect from buffer overflow in the GSS code. (bz 362121)\n\n - Mon Dec 17 2007 Steve Dickson <steved at redhat.com> 0.1.7-14\n\n - Fixed typo in /etc/netconfig file (bz 414471)\n\n - Thu Oct 25 2007 Steve Dickson <steved at redhat.com> 0.1.7-13\n\n - Added a check for the ARM arch (bz 351071)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-03-07T00:00:00", "type": "nessus", "title": "Fedora 8 : libtirpc-0.1.7-15.fc8 (2008-1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libtirpc", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-1017.NASL", "href": "https://www.tenable.com/plugins/nessus/31362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1017.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31362);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_bugtraq_id(25534);\n script_xref(name:\"FEDORA\", value:\"2008-1017\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Fedora 8 : libtirpc-0.1.7-15.fc8 (2008-1017)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Jan 24 2008 Steve Dickson <steved at redhat.com>\n 0.1.7-15\n\n - Protect from buffer overflow in the GSS code. (bz\n 362121)\n\n - Mon Dec 17 2007 Steve Dickson <steved at redhat.com>\n 0.1.7-14\n\n - Fixed typo in /etc/netconfig file (bz 414471)\n\n - Thu Oct 25 2007 Steve Dickson <steved at redhat.com>\n 0.1.7-13\n\n - Added a check for the ARM arch (bz 351071)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=250973\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-March/008512.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca29b430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtirpc package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libtirpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"libtirpc-0.1.7-15.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtirpc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:41", "description": "This update fixes a security problem in the librpcsecgss library used by NFSv4 also found in krb5. A invalid packet could underflow and potentially cause memory corruption and code execution.\n(CVE-2007-3999)", "cvss3": {"score": null, "vector": null}, "published": "2007-11-12T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : librpcsecgss (librpcsecgss-4600)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:librpcsecgss", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_LIBRPCSECGSS-4600.NASL", "href": "https://www.tenable.com/plugins/nessus/28176", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update librpcsecgss-4600.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28176);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"openSUSE 10 Security Update : librpcsecgss (librpcsecgss-4600)\");\n script_summary(english:\"Check for the librpcsecgss-4600 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security problem in the librpcsecgss library used\nby NFSv4 also found in krb5. A invalid packet could underflow and\npotentially cause memory corruption and code execution.\n(CVE-2007-3999)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected librpcsecgss package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:librpcsecgss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"librpcsecgss-0.7-13.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"librpcsecgss-0.14-23\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"librpcsecgss-0.14-71.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"librpcsecgss\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:03", "description": "The remote host is affected by the vulnerability described in GLSA-200710-01 (RPCSEC_GSS library: Buffer overflow)\n\n A stack based buffer overflow has been discovered in the svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when processing an overly long string in a RPC message.\n Impact :\n\n A remote attacker could send a specially crafted RPC request to an application relying on this library, e.g NFSv4 or Kerberos (GLSA-200709-01), resulting in the execution of arbitrary code with the privileges of the user running the application.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-09T00:00:00", "type": "nessus", "title": "GLSA-200710-01 : RPCSEC_GSS library: Buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:librpcsecgss", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200710-01.NASL", "href": "https://www.tenable.com/plugins/nessus/26941", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200710-01.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26941);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"GLSA\", value:\"200710-01\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"GLSA-200710-01 : RPCSEC_GSS library: Buffer overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200710-01\n(RPCSEC_GSS library: Buffer overflow)\n\n A stack based buffer overflow has been discovered in the\n svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when\n processing an overly long string in a RPC message.\n \nImpact :\n\n A remote attacker could send a specially crafted RPC request to an\n application relying on this library, e.g NFSv4 or Kerberos\n (GLSA-200709-01), resulting in the execution of arbitrary code with the\n privileges of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200709-01\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200710-01\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All librpcsecgss users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/librpcsecgss-0.16'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:librpcsecgss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/librpcsecgss\", unaffected:make_list(\"ge 0.16\"), vulnerable:make_list(\"lt 0.16\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"RPCSEC_GSS library\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:35", "description": "It was discovered that a buffer overflow of the RPC library of the MIT Kerberos reference implementation allows the execution of arbitrary code.\n\nThe oldstable distribution (sarge) is not affected by this problem.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-05T00:00:00", "type": "nessus", "title": "Debian DSA-1367-1 : krb5 - buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:krb5", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1367.NASL", "href": "https://www.tenable.com/plugins/nessus/25974", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1367. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25974);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_bugtraq_id(25534);\n script_xref(name:\"DSA\", value:\"1367\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Debian DSA-1367-1 : krb5 - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a buffer overflow of the RPC library of the MIT\nKerberos reference implementation allows the execution of arbitrary\ncode.\n\nThe oldstable distribution (sarge) is not affected by this problem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the Kerberos packages.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 1.4.4-7etch3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"krb5-admin-server\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-clients\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-doc\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-ftpd\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-kdc\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-rsh-server\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-telnetd\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"krb5-user\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libkadm55\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libkrb5-dbg\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libkrb5-dev\", reference:\"1.4.4-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libkrb53\", reference:\"1.4.4-7etch3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:36", "description": "It was discovered that a buffer overflow of the library for secure RPC communication over the rpcsec_gss protocol allows the execution of arbitrary code.\n\nThe oldstable distribution (sarge) doesn't contain librpcsecgss.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-14T00:00:00", "type": "nessus", "title": "Debian DSA-1368-1 : librpcsecgss - buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:librpcsecgss", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1368.NASL", "href": "https://www.tenable.com/plugins/nessus/26029", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1368. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26029);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"DSA\", value:\"1368\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Debian DSA-1368-1 : librpcsecgss - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a buffer overflow of the library for secure RPC\ncommunication over the rpcsec_gss protocol allows the execution of\narbitrary code.\n\nThe oldstable distribution (sarge) doesn't contain librpcsecgss.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the librpcsecgss packages.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.14-2etch1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpcsecgss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"librpcsecgss-dev\", reference:\"0.14-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"librpcsecgss3\", reference:\"0.14-2etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:03", "description": "An updated nfs-utils-lib package to correct a security flaw is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package, which contains a backported patch that resolves this issue.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-24T00:00:00", "type": "nessus", "title": "RHEL 4 : nfs-utils-lib (RHSA-2007:0913)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib", "p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.5"], "id": "REDHAT-RHSA-2007-0913.NASL", "href": "https://www.tenable.com/plugins/nessus/26112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0913. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26112);\n script_version(\"1.35\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0913\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"RHEL 4 : nfs-utils-lib (RHSA-2007:0913)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated nfs-utils-lib package to correct a security flaw is now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed\nby the commands and daemons of the nfs-utils package.\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 4 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\nwhich contains a backported patch that resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected nfs-utils-lib and / or nfs-utils-lib-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0913\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"nfs-utils-lib-1.0.6-8.z1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"nfs-utils-lib-devel-1.0.6-8.z1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nfs-utils-lib / nfs-utils-lib-devel\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:49", "description": "SunOS 5.8: rpcsec_gss patch.\nDate this patch was last updated by Sun : Oct/19/07", "cvss3": {"score": null, "vector": null}, "published": "2007-07-02T00:00:00", "type": "nessus", "title": "Solaris 8 (sparc) : 126928-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS8_126928.NASL", "href": "https://www.tenable.com/plugins/nessus/25650", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25650);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Solaris 8 (sparc) : 126928-02\");\n script_summary(english:\"Check for patch 126928-02\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 126928-02\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.8: rpcsec_gss patch.\nDate this patch was last updated by Sun : Oct/19/07\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://download.oracle.com/sunalerts/1000994.1.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"126928-02\", obsoleted_by:\"\", package:\"SUNWrsg\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"126928-02\", obsoleted_by:\"\", package:\"SUNWrsgk\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"126928-02\", obsoleted_by:\"\", package:\"SUNWrsgx\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:37", "description": "Updated krb5 packages that correct a security flaw are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.\n\nThe MIT Kerberos Team discovered a problem with the originally published patch for svc_auth_gss.c (CVE-2007-3999). A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)\n\nThis issue did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages which contain a corrected backported fix for this issue.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-14T00:00:00", "type": "nessus", "title": "RHEL 5 : krb5 (RHSA-2007:0892)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:krb5-devel", "p-cpe:/a:redhat:enterprise_linux:krb5-libs", "p-cpe:/a:redhat:enterprise_linux:krb5-server", "p-cpe:/a:redhat:enterprise_linux:krb5-workstation", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-0892.NASL", "href": "https://www.tenable.com/plugins/nessus/26052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0892. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26052);\n script_version(\"1.32\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4743\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0892\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"RHEL 5 : krb5 (RHSA-2007:0892)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that correct a security flaw are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other through use of symmetric\nencryption and a trusted third party, the KDC. kadmind is the KADM5\nadministration server.\n\nThe MIT Kerberos Team discovered a problem with the originally\npublished patch for svc_auth_gss.c (CVE-2007-3999). A remote\nunauthenticated attacker who can access kadmind could trigger this\nflaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is\nnot possible to exploit this flaw to run arbitrary code as the\noverflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)\n\nThis issue did not affect the versions of Kerberos distributed with\nRed Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages\nwhich contain a corrected backported fix for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0892\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"krb5-devel-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"krb5-libs-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"krb5-server-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"krb5-server-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"krb5-server-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"krb5-workstation-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"krb5-workstation-1.5-29\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"krb5-workstation-1.5-29\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:58:00", "description": "Details :\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps NFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4 mounted filesystem, the files will default to being owned by 'root' rather than 'nobody'. (CVE-2007-4135)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nfs-utils-lib on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20071004_NFS_UTILS_LIB_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60260", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60260);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4135\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Scientific Linux Security Update : nfs-utils-lib on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Details :\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 5 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps\nNFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4\nmounted filesystem, the files will default to being owned by 'root'\nrather than 'nobody'. (CVE-2007-4135)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0710&L=scientific-linux-errata&T=0&P=187\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?940c225a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected nfs-utils-lib and / or nfs-utils-lib-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"nfs-utils-lib-1.0.8-7.2.z2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nfs-utils-lib-devel-1.0.8-7.2.z2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:58:00", "description": "Tenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. (CVE-2007-4000)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : krb5 on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20070904_KRB5_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60248", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60248);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Scientific Linux Security Update : krb5 on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by kadmind. A remote unauthenticated attacker\nwho can access kadmind could trigger this flaw and cause kadmind to\ncrash. On Red Hat Enterprise Linux 5 it is not possible to exploit\nthis flaw to run arbitrary code as the overflow is blocked by\nFORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A\nremote unauthenticated attacker who can access kadmind could trigger\nthis flaw and cause kadmind to crash. (CVE-2007-4000)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0709&L=scientific-linux-errata&T=0&P=191\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?90c17dc3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"krb5-devel-1.5-28\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"krb5-libs-1.5-28\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"krb5-server-1.5-28\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"krb5-workstation-1.5-28\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:53:47", "description": "From Red Hat Security Advisory 2007:0951 :\n\nAn updated nfs-utils-lib package to correct two security flaws is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.\n\nThe updated nfs-utils package fixes the following vulnerabilities :\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps NFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4 mounted filesystem, the files will default to being owned by 'root' rather than 'nobody'. (CVE-2007-4135)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package, which contains backported patches to resolve these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : nfs-utils-lib (ELSA-2007-0951)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nfs-utils-lib", "p-cpe:/a:oracle:linux:nfs-utils-lib-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2007-0951.NASL", "href": "https://www.tenable.com/plugins/nessus/67582", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0951 and \n# Oracle Linux Security Advisory ELSA-2007-0951 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67582);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4135\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0951\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Oracle Linux 5 : nfs-utils-lib (ELSA-2007-0951)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0951 :\n\nAn updated nfs-utils-lib package to correct two security flaws is now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed\nby the commands and daemons of the nfs-utils package.\n\nThe updated nfs-utils package fixes the following vulnerabilities :\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 5 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps\nNFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4\nmounted filesystem, the files will default to being owned by 'root'\nrather than 'nobody'. (CVE-2007-4135)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\nwhich contains backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-October/000347.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nfs-utils-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nfs-utils-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nfs-utils-lib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"nfs-utils-lib-1.0.8-7.2.z2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nfs-utils-lib-devel-1.0.8-7.2.z2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nfs-utils-lib / nfs-utils-lib-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:16", "description": "An updated nfs-utils-lib package to correct two security flaws is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.\n\nThe updated nfs-utils package fixes the following vulnerabilities :\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps NFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4 mounted filesystem, the files will default to being owned by 'root' rather than 'nobody'. (CVE-2007-4135)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package, which contains backported patches to resolve these issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-03T00:00:00", "type": "nessus", "title": "RHEL 5 : nfs-utils-lib (RHSA-2007:0951)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib", "p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-0951.NASL", "href": "https://www.tenable.com/plugins/nessus/26907", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0951. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26907);\n script_version(\"1.35\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4135\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0951\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"RHEL 5 : nfs-utils-lib (RHSA-2007:0951)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated nfs-utils-lib package to correct two security flaws is now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed\nby the commands and daemons of the nfs-utils package.\n\nThe updated nfs-utils package fixes the following vulnerabilities :\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 5 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps\nNFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4\nmounted filesystem, the files will default to being owned by 'root'\nrather than 'nobody'. (CVE-2007-4135)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\nwhich contains backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected nfs-utils-lib and / or nfs-utils-lib-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nfs-utils-lib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0951\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"nfs-utils-lib-1.0.8-7.2.z2\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"nfs-utils-lib-devel-1.0.8-7.2.z2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nfs-utils-lib / nfs-utils-lib-devel\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:04", "description": "This update of krb5 fixes two bugs in kadmind that can be used to execute arbitrary code remotely. (CVE-2007-3999, CVE-2007-4000)", "cvss3": {"score": null, "vector": null}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : krb5 (krb5-4191)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:krb5", "p-cpe:/a:novell:opensuse:krb5-32bit", "p-cpe:/a:novell:opensuse:krb5-apps-clients", "p-cpe:/a:novell:opensuse:krb5-apps-servers", "p-cpe:/a:novell:opensuse:krb5-client", "p-cpe:/a:novell:opensuse:krb5-devel", "p-cpe:/a:novell:opensuse:krb5-devel-32bit", "p-cpe:/a:novell:opensuse:krb5-server", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_KRB5-4191.NASL", "href": "https://www.tenable.com/plugins/nessus/27310", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update krb5-4191.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27310);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"openSUSE 10 Security Update : krb5 (krb5-4191)\");\n script_summary(english:\"Check for the krb5-4191 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of krb5 fixes two bugs in kadmind that can be used to\nexecute arbitrary code remotely. (CVE-2007-3999, CVE-2007-4000)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-apps-clients-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-apps-servers-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-client-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-devel-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-server-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-apps-clients-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-apps-servers-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-client-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-devel-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-server-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"krb5-32bit-1.5.1-23.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.5.1-23.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:04", "description": "From Red Hat Security Advisory 2007:0858 :\n\nUpdated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. (CVE-2007-4000)\n\nThese issues did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages which contain backported fixes to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : krb5 (ELSA-2007-0858)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2007-0858.NASL", "href": "https://www.tenable.com/plugins/nessus/67562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0858 and \n# Oracle Linux Security Advisory ELSA-2007-0858 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67562);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0858\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Oracle Linux 5 : krb5 (ELSA-2007-0858)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0858 :\n\nUpdated krb5 packages that fix two security flaws are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other through use of symmetric\nencryption and a trusted third party, the KDC. kadmind is the KADM5\nadministration server.\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by kadmind. A remote unauthenticated attacker\nwho can access kadmind could trigger this flaw and cause kadmind to\ncrash. On Red Hat Enterprise Linux 5 it is not possible to exploit\nthis flaw to run arbitrary code as the overflow is blocked by\nFORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A\nremote unauthenticated attacker who can access kadmind could trigger\nthis flaw and cause kadmind to crash. (CVE-2007-4000)\n\nThese issues did not affect the versions of Kerberos distributed with\nRed Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages\nwhich contain backported fixes to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-September/000318.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"krb5-devel-1.5-28\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-libs-1.5-28\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-server-1.5-28\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-workstation-1.5-28\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:04", "description": "From Red Hat Security Advisory 2007:0892 :\n\nUpdated krb5 packages that correct a security flaw are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.\n\nThe MIT Kerberos Team discovered a problem with the originally published patch for svc_auth_gss.c (CVE-2007-3999). A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)\n\nThis issue did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages which contain a corrected backported fix for this issue.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : krb5 (ELSA-2007-0892)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:krb5-devel", "p-cpe:/a:oracle:linux:krb5-libs", "p-cpe:/a:oracle:linux:krb5-server", "p-cpe:/a:oracle:linux:krb5-workstation", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2007-0892.NASL", "href": "https://www.tenable.com/plugins/nessus/67571", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0892 and \n# Oracle Linux Security Advisory ELSA-2007-0892 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67571);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4743\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0892\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Oracle Linux 5 : krb5 (ELSA-2007-0892)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0892 :\n\nUpdated krb5 packages that correct a security flaw are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other through use of symmetric\nencryption and a trusted third party, the KDC. kadmind is the KADM5\nadministration server.\n\nThe MIT Kerberos Team discovered a problem with the originally\npublished patch for svc_auth_gss.c (CVE-2007-3999). A remote\nunauthenticated attacker who can access kadmind could trigger this\nflaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is\nnot possible to exploit this flaw to run arbitrary code as the\noverflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)\n\nThis issue did not affect the versions of Kerberos distributed with\nRed Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages\nwhich contain a corrected backported fix for this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-September/000321.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"krb5-devel-1.5-29\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-libs-1.5-29\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-server-1.5-29\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"krb5-workstation-1.5-29\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:27:18", "description": "This update incorporates fixes for a stack overflow in the rpcsec_gss implementation in libgssrpc (CVE-2007-3999) and a potential write through an uninitialized pointer in kadmind (CVE-2007-4000).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-09-05T00:00:00", "type": "nessus", "title": "Fedora Core 6 : krb5-1.5-22.fc6 (2007-690)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:krb5-debuginfo", "p-cpe:/a:fedoraproject:fedora:krb5-devel", "p-cpe:/a:fedoraproject:fedora:krb5-libs", "p-cpe:/a:fedoraproject:fedora:krb5-server", "p-cpe:/a:fedoraproject:fedora:krb5-workstation", "cpe:/o:fedoraproject:fedora_core:6"], "id": "FEDORA_2007-690.NASL", "href": "https://www.tenable.com/plugins/nessus/25980", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-690.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25980);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2007-690\");\n\n script_name(english:\"Fedora Core 6 : krb5-1.5-22.fc6 (2007-690)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update incorporates fixes for a stack overflow in the rpcsec_gss\nimplementation in libgssrpc (CVE-2007-3999) and a potential write\nthrough an uninitialized pointer in kadmind (CVE-2007-4000).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-September/003625.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7d8207b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"krb5-debuginfo-1.5-22.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-devel-1.5-22.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-libs-1.5-22.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-server-1.5-22.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"krb5-workstation-1.5-22.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-server / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-27T14:33:59", "description": "The originally-used patch for CVE-2007-3999 didn't completely fix the bug. This update includes the revised patch.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-11-06T00:00:00", "type": "nessus", "title": "Fedora 7 : krb5-1.6.1-4.fc7 (2007-2066)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:krb5-debuginfo", "p-cpe:/a:fedoraproject:fedora:krb5-devel", "p-cpe:/a:fedoraproject:fedora:krb5-libs", "p-cpe:/a:fedoraproject:fedora:krb5-server", "p-cpe:/a:fedoraproject:fedora:krb5-server-ldap", "p-cpe:/a:fedoraproject:fedora:krb5-workstation", "p-cpe:/a:fedoraproject:fedora:krb5-workstation-clients", "p-cpe:/a:fedoraproject:fedora:krb5-workstation-servers", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2007-2066.NASL", "href": "https://www.tenable.com/plugins/nessus/27750", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-2066.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27750);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-4743\");\n script_xref(name:\"FEDORA\", value:\"2007-2066\");\n\n script_name(english:\"Fedora 7 : krb5-1.6.1-4.fc7 (2007-2066)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The originally-used patch for CVE-2007-3999 didn't completely fix the\nbug. This update includes the revised patch.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-September/003653.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78bc34da\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"krb5-debuginfo-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-devel-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-libs-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-server-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-server-ldap-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-workstation-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-workstation-clients-1.6.1-4.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-workstation-servers-1.6.1-4.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-server / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:32:17", "description": "It has been discovered that the original patch for a buffer overflow in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (CVE-2007-3999, DSA-1368-1) was insufficient to protect from arbitrary code execution in some environments.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "Debian DSA-1387-1 : librpcsecgss - buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:librpcsecgss", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1387.NASL", "href": "https://www.tenable.com/plugins/nessus/27066", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1387. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27066);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-4743\");\n script_xref(name:\"DSA\", value:\"1387\");\n\n script_name(english:\"Debian DSA-1387-1 : librpcsecgss - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It has been discovered that the original patch for a buffer overflow\nin svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5\n(CVE-2007-3999, DSA-1368-1) was insufficient to protect from arbitrary\ncode execution in some environments.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1387\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the librpcsecgss package.\n\nThe old stable distribution (sarge) does not contain a librpcsecgss\npackage.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.14-2etch3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:librpcsecgss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"librpcsecgss-dev\", reference:\"0.14-2etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"librpcsecgss3\", reference:\"0.14-2etch3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:35", "description": "Updated krb5 packages that correct a security flaw are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.\n\nThe MIT Kerberos Team discovered a problem with the originally published patch for svc_auth_gss.c (CVE-2007-3999). A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)\n\nThis issue did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages which contain a corrected backported fix for this issue.", "cvss3": {"score": null, "vector": null}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : krb5 (CESA-2007:0892)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:krb5-devel", "p-cpe:/a:centos:centos:krb5-libs", "p-cpe:/a:centos:centos:krb5-server", "p-cpe:/a:centos:centos:krb5-workstation", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2007-0892.NASL", "href": "https://www.tenable.com/plugins/nessus/43652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0892 and \n# CentOS Errata and Security Advisory 2007:0892 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43652);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4743\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0892\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"CentOS 5 : krb5 (CESA-2007:0892)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that correct a security flaw are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other through use of symmetric\nencryption and a trusted third party, the KDC. kadmind is the KADM5\nadministration server.\n\nThe MIT Kerberos Team discovered a problem with the originally\npublished patch for svc_auth_gss.c (CVE-2007-3999). A remote\nunauthenticated attacker who can access kadmind could trigger this\nflaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is\nnot possible to exploit this flaw to run arbitrary code as the\noverflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)\n\nThis issue did not affect the versions of Kerberos distributed with\nRed Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages\nwhich contain a corrected backported fix for this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014186.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ecead817\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014187.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e308d272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-devel-1.5-29\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-libs-1.5-29\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-server-1.5-29\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-workstation-1.5-29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:35", "description": "Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. (CVE-2007-4000)\n\nThese issues did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages which contain backported fixes to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : krb5 (CESA-2007:0858)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:krb5-devel", "p-cpe:/a:centos:centos:krb5-libs", "p-cpe:/a:centos:centos:krb5-server", "p-cpe:/a:centos:centos:krb5-workstation", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2007-0858.NASL", "href": "https://www.tenable.com/plugins/nessus/43650", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0858 and \n# CentOS Errata and Security Advisory 2007:0858 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43650);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0858\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"CentOS 5 : krb5 (CESA-2007:0858)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that fix two security flaws are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other through use of symmetric\nencryption and a trusted third party, the KDC. kadmind is the KADM5\nadministration server.\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by kadmind. A remote unauthenticated attacker\nwho can access kadmind could trigger this flaw and cause kadmind to\ncrash. On Red Hat Enterprise Linux 5 it is not possible to exploit\nthis flaw to run arbitrary code as the overflow is blocked by\nFORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A\nremote unauthenticated attacker who can access kadmind could trigger\nthis flaw and cause kadmind to crash. (CVE-2007-4000)\n\nThese issues did not affect the versions of Kerberos distributed with\nRed Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages\nwhich contain backported fixes to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014176.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cc751bc\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-September/014177.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58cc8155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-devel-1.5-28\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-libs-1.5-28\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-server-1.5-28\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"krb5-workstation-1.5-28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:37", "description": "Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. (CVE-2007-4000)\n\nThese issues did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages which contain backported fixes to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-05T00:00:00", "type": "nessus", "title": "RHEL 5 : krb5 (RHSA-2007:0858)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:krb5-devel", "p-cpe:/a:redhat:enterprise_linux:krb5-libs", "p-cpe:/a:redhat:enterprise_linux:krb5-server", "p-cpe:/a:redhat:enterprise_linux:krb5-workstation", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-0858.NASL", "href": "https://www.tenable.com/plugins/nessus/25987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0858. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25987);\n script_version(\"1.35\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0858\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"RHEL 5 : krb5 (RHSA-2007:0858)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that fix two security flaws are now available\nfor Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other through use of symmetric\nencryption and a trusted third party, the KDC. kadmind is the KADM5\nadministration server.\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by kadmind. A remote unauthenticated attacker\nwho can access kadmind could trigger this flaw and cause kadmind to\ncrash. On Red Hat Enterprise Linux 5 it is not possible to exploit\nthis flaw to run arbitrary code as the overflow is blocked by\nFORTIFY_SOURCE. (CVE-2007-3999)\n\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A\nremote unauthenticated attacker who can access kadmind could trigger\nthis flaw and cause kadmind to crash. (CVE-2007-4000)\n\nThese issues did not affect the versions of Kerberos distributed with\nRed Hat Enterprise Linux 2.1, 3, or 4.\n\nUsers of krb5-server are advised to update to these erratum packages\nwhich contain backported fixes to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4000\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0858\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"krb5-devel-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"krb5-libs-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"krb5-server-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"krb5-server-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"krb5-server-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"krb5-workstation-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"krb5-workstation-1.5-28\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"krb5-workstation-1.5-28\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:47", "description": "This update incorporates fixes for a stack overflow in the rpcsec_gss implementation in libgssrpc (CVE-2007-3999) and a potential write through an uninitialized pointer in kadmind (CVE-2007-4000).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-11-06T00:00:00", "type": "nessus", "title": "Fedora 7 : krb5-1.6.1-3.fc7 (2007-2017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:krb5-debuginfo", "p-cpe:/a:fedoraproject:fedora:krb5-devel", "p-cpe:/a:fedoraproject:fedora:krb5-libs", "p-cpe:/a:fedoraproject:fedora:krb5-server", "p-cpe:/a:fedoraproject:fedora:krb5-server-ldap", "p-cpe:/a:fedoraproject:fedora:krb5-workstation", "p-cpe:/a:fedoraproject:fedora:krb5-workstation-clients", "p-cpe:/a:fedoraproject:fedora:krb5-workstation-servers", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2007-2017.NASL", "href": "https://www.tenable.com/plugins/nessus/27744", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-2017.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27744);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_bugtraq_id(25534);\n script_xref(name:\"FEDORA\", value:\"2007-2017\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Fedora 7 : krb5-1.6.1-3.fc7 (2007-2017)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update incorporates fixes for a stack overflow in the rpcsec_gss\nimplementation in libgssrpc (CVE-2007-3999) and a potential write\nthrough an uninitialized pointer in kadmind (CVE-2007-4000).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-September/003606.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?64c0c471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5-workstation-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"krb5-debuginfo-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-devel-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-libs-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-server-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-server-ldap-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-workstation-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-workstation-clients-1.6.1-3.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"krb5-workstation-servers-1.6.1-3.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-debuginfo / krb5-devel / krb5-libs / krb5-server / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:41", "description": "An updated nfs-utils-lib package to correct two security flaws is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed by the commands and daemons of the nfs-utils package.\n\nThe updated nfs-utils package fixes the following vulnerabilities :\n\nTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps NFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4 mounted filesystem, the files will default to being owned by 'root' rather than 'nobody'. (CVE-2007-4135)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package, which contains backported patches to resolve these issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : nfs-utils-lib (CESA-2007:0951)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nfs-utils-lib", "p-cpe:/a:centos:centos:nfs-utils-lib-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2007-0951.NASL", "href": "https://www.tenable.com/plugins/nessus/43655", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0951 and \n# CentOS Errata and Security Advisory 2007:0951 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43655);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4135\");\n script_bugtraq_id(25534);\n script_xref(name:\"RHSA\", value:\"2007:0951\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"CentOS 5 : nfs-utils-lib (CESA-2007:0951)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated nfs-utils-lib package to correct two security flaws is now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe nfs-utils-lib package contains support libraries that are needed\nby the commands and daemons of the nfs-utils package.\n\nThe updated nfs-utils package fixes the following vulnerabilities :\n\nTenable Network Security discovered a stack-based buffer overflow flaw\nin the RPC library used by nfs-utils-lib. A remote unauthenticated\nattacker who can access an application linked against nfs-utils-lib\ncould trigger this flaw and cause the application to crash. On Red Hat\nEnterprise Linux 5 it is not possible to exploit this flaw to run\narbitrary code as the overflow is blocked by FORTIFY_SOURCE.\n(CVE-2007-3999)\n\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps\nNFSv4 unknown uids. If an unknown user ID is encountered on an NFSv4\nmounted filesystem, the files will default to being owned by 'root'\nrather than 'nobody'. (CVE-2007-4135)\n\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\nwhich contains backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-October/014268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47f2b5ee\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-October/014269.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76b341b8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nfs-utils-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nfs-utils-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nfs-utils-lib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"nfs-utils-lib-1.0.8-7.2.z2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nfs-utils-lib-devel-1.0.8-7.2.z2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nfs-utils-lib / nfs-utils-lib-devel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:26", "description": "This update of krb5 fixes two bugs in kadmind that can be used to execute arbitrary code remotely. (CVE-2007-3999 / CVE-2007-4000)", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4192)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KRB5-4192.NASL", "href": "https://www.tenable.com/plugins/nessus/29494", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29494);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4192)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of krb5 fixes two bugs in kadmind that can be used to\nexecute arbitrary code remotely. (CVE-2007-3999 / CVE-2007-4000)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3999.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4192.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"krb5-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"krb5-client-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"krb5-devel-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-apps-clients-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-apps-servers-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-client-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-devel-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-server-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.25\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:36", "description": "The remote host is affected by the vulnerability described in GLSA-200709-01 (MIT Kerberos 5: Multiple vulnerabilities)\n\n A stack-based buffer overflow (CVE-2007-3999) has been reported in svcauth_gss_validate() of the RPC library of kadmind. Another vulnerability (CVE-2007-4000) has been found in kadm5_modify_policy_internal(), which does not check the return values of krb5_db_get_policy() correctly.\n Impact :\n\n The RPC related vulnerability can be exploited by a remote unauthenticated attacker to execute arbitrary code with root privileges on the host running kadmind. The second vulnerability requires the remote attacker to be authenticated and to have 'modify policy' privileges. It could then also allow for the remote execution of arbitrary code.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-14T00:00:00", "type": "nessus", "title": "GLSA-200709-01 : MIT Kerberos 5: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:mit-krb5", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200709-01.NASL", "href": "https://www.tenable.com/plugins/nessus/26041", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200709-01.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26041);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\");\n script_xref(name:\"GLSA\", value:\"200709-01\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"GLSA-200709-01 : MIT Kerberos 5: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200709-01\n(MIT Kerberos 5: Multiple vulnerabilities)\n\n A stack-based buffer overflow (CVE-2007-3999) has been reported in\n svcauth_gss_validate() of the RPC library of kadmind. Another\n vulnerability (CVE-2007-4000) has been found in\n kadm5_modify_policy_internal(), which does not check the return values\n of krb5_db_get_policy() correctly.\n \nImpact :\n\n The RPC related vulnerability can be exploited by a remote\n unauthenticated attacker to execute arbitrary code with root privileges\n on the host running kadmind. The second vulnerability requires the\n remote attacker to be authenticated and to have 'modify policy'\n privileges. It could then also allow for the remote execution of\n arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200709-01\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All MIT Kerberos 5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/mit-krb5-1.5.3-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mit-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-crypt/mit-krb5\", unaffected:make_list(\"ge 1.5.3-r1\"), vulnerable:make_list(\"lt 1.5.3-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MIT Kerberos 5\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:56", "description": "SunOS 5.9_x86: NFS patch.\nDate this patch was last updated by Sun : Mar/09/09", "cvss3": {"score": null, "vector": null}, "published": "2007-06-04T00:00:00", "type": "nessus", "title": "Solaris 9 (x86) : 117468-20", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2442", "CVE-2007-2882", "CVE-2007-3999"], "modified": "2013-03-30T00:00:00", "cpe": [], "id": "SOLARIS9_X86_117468.NASL", "href": "https://www.tenable.com/plugins/nessus/25400", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/09/17.\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(25400);\n script_version(\"1.22\");\n\n script_name(english: \"Solaris 9 (x86) : 117468-20\");\n script_cve_id(\"CVE-2007-2442\", \"CVE-2007-2882\", \"CVE-2007-3999\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 117468-20\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.9_x86: NFS patch.\nDate this patch was last updated by Sun : Mar/09/09');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"https://getupdates.oracle.com/readme/117468-20\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,20);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/06/04\");\n script_cvs_date(\"Date: 2018/08/13 14:32:38\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/09/04\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/05/24\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 117468-20\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n\ninclude(\"solaris.inc\");\n\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWatfsu\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWcsr\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWhea\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWnfscr\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWnfscu\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWnfssr\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWnfssu\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWrsg\", version:\"11.9.0,REV=2002.11.04.02.51\");\ne += solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"117468-20\", obsoleted_by:\"122301-41 \", package:\"SUNWrsgk\", version:\"11.9.0,REV=2002.11.04.02.51\");\nif ( e < 0 ) { \n\tif ( NASL_LEVEL < 3000 ) \n\t security_hole(0);\n\telse \n\t security_hole(port:0, extra:solaris_get_report());\n\texit(0); \n} \nexit(0, \"Host is not affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:40:17", "description": "This update improves the patch for the previously released security update of krb5 to fix CVE-2007-3999 / CVE-2007-4000. (CVE-2007-4743)", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 4249)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000", "CVE-2007-4743"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KRB5-4249.NASL", "href": "https://www.tenable.com/plugins/nessus/29495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29495);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4743\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 4249)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update improves the patch for the previously released security\nupdate of krb5 to fix CVE-2007-3999 / CVE-2007-4000. (CVE-2007-4743)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3999.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4743.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4249.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"krb5-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"krb5-client-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"krb5-devel-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-apps-clients-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-apps-servers-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-client-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-devel-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"krb5-server-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.28\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.28\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:29:54", "description": "This update improves the patch for the previously released security update of krb5 to fix CVE-2007-3999 and CVE-2007-4000. (CVE-2007-4743)", "cvss3": {"score": null, "vector": null}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : krb5 (krb5-4248)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000", "CVE-2007-4743"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:krb5", "p-cpe:/a:novell:opensuse:krb5-32bit", "p-cpe:/a:novell:opensuse:krb5-apps-clients", "p-cpe:/a:novell:opensuse:krb5-apps-servers", "p-cpe:/a:novell:opensuse:krb5-client", "p-cpe:/a:novell:opensuse:krb5-devel", "p-cpe:/a:novell:opensuse:krb5-devel-32bit", "p-cpe:/a:novell:opensuse:krb5-server", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_KRB5-4248.NASL", "href": "https://www.tenable.com/plugins/nessus/27311", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update krb5-4248.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27311);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4743\");\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"openSUSE 10 Security Update : krb5 (krb5-4248)\");\n script_summary(english:\"Check for the krb5-4248 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update improves the patch for the previously released security\nupdate of krb5 to fix CVE-2007-3999 and CVE-2007-4000. (CVE-2007-4743)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-apps-clients-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-apps-servers-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-client-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-devel-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"krb5-server-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.28\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-apps-clients-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-apps-servers-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-client-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-devel-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"krb5-server-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"krb5-32bit-1.5.1-23.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.5.1-23.10\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:37", "description": "A stack-based buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security.\nA remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash (CVE-2007-3999). This issue is only applicable to Kerberos 1.4 and higher.\n\nGarrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash (CVE-2007-4000). This issue is only applicable to Kerberos 1.5 and higher.\n\nUpdate :\n\nThe MIT Kerberos Team found a problem with the originally published patch for CVE-2007-3999. A remote unauthenticated attacker able to access kadmind could trigger this flaw and cause kadmind to crash.\n\nUpdated packages have been patched to prevent these issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-09-07T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : krb5 (MDKSA-2007:174-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000", "CVE-2007-4743"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ftp-client-krb5", "p-cpe:/a:mandriva:linux:ftp-server-krb5", "p-cpe:/a:mandriva:linux:krb5-server", "p-cpe:/a:mandriva:linux:krb5-workstation", "p-cpe:/a:mandriva:linux:lib64krb53", "p-cpe:/a:mandriva:linux:lib64krb53-devel", "p-cpe:/a:mandriva:linux:libkrb53", "p-cpe:/a:mandriva:linux:libkrb53-devel", "p-cpe:/a:mandriva:linux:telnet-client-krb5", "p-cpe:/a:mandriva:linux:telnet-server-krb5", "cpe:/o:mandriva:linux:2007", "cpe:/o:mandriva:linux:2007.1"], "id": "MANDRAKE_MDKSA-2007-174.NASL", "href": "https://www.tenable.com/plugins/nessus/26006", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:174. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26006);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\", \"CVE-2007-4743\");\n script_bugtraq_id(25534);\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n script_xref(name:\"MDKSA\", value:\"2007:174-1\");\n\n script_name(english:\"Mandrake Linux Security Advisory : krb5 (MDKSA-2007:174-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack-based buffer overflow vulnerability was discovered in the RPC\nlibrary used by Kerberos' kadmind program by Tenable Network Security.\nA remote unauthenticated user who could access kadmind would be able\nto trigger the flaw and cause it to crash (CVE-2007-3999). This issue\nis only applicable to Kerberos 1.4 and higher.\n\nGarrett Wollman found an uninitialized pointer vulnerability in\nkadmind which a remote unauthenticated attacker able to access kadmind\ncould exploit to cause kadmind to crash (CVE-2007-4000). This issue is\nonly applicable to Kerberos 1.5 and higher.\n\nUpdate :\n\nThe MIT Kerberos Team found a problem with the originally published\npatch for CVE-2007-3999. A remote unauthenticated attacker able to\naccess kadmind could trigger this flaw and cause kadmind to crash.\n\nUpdated packages have been patched to prevent these issues.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2007-07\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrb53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrb53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ftp-client-krb5-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"ftp-server-krb5-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"krb5-server-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"krb5-workstation-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64krb53-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkrb53-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkrb53-devel-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"telnet-client-krb5-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"telnet-server-krb5-1.4.3-7.3mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"ftp-client-krb5-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"ftp-server-krb5-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"krb5-server-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"krb5-workstation-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64krb53-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libkrb53-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libkrb53-devel-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"telnet-client-krb5-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"telnet-server-krb5-1.5.2-6.5mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:55", "description": "It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2007-11-10T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : krb5, librpcsecgss vulnerability (USN-511-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000", "CVE-2007-4743"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:krb5-admin-server", "p-cpe:/a:canonical:ubuntu_linux:krb5-clients", "p-cpe:/a:canonical:ubuntu_linux:krb5-doc", "p-cpe:/a:canonical:ubuntu_linux:krb5-ftpd", "p-cpe:/a:canonical:ubuntu_linux:krb5-kdc", "p-cpe:/a:canonical:ubuntu_linux:krb5-rsh-server", "p-cpe:/a:canonical:ubuntu_linux:krb5-telnetd", "p-cpe:/a:canonical:ubuntu_linux:krb5-user", "p-cpe:/a:canonical:ubuntu_linux:libkadm55", "p-cpe:/a:canonical:ubuntu_linux:libkrb5-dbg", "p-cpe:/a:canonical:ubuntu_linux:libkrb5-dev", "p-cpe:/a:canonical:ubuntu_linux:libkrb53", "p-cpe:/a:canonical:ubuntu_linux:librpcsecgss-dev", "p-cpe:/a:canonical:ubuntu_linux:librpcsecgss1", "p-cpe:/a:canonical:ubuntu_linux:librpcsecgss2", "p-cpe:/a:canonical:ubuntu_linux:librpcsecgss3", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:6.10", "cpe:/o:canonical:ubuntu_linux:7.04"], "id": "UBUNTU_USN-511-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28115", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-511-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28115);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-3999\", \"CVE-2007-4000\", \"CVE-2007-4743\");\n script_bugtraq_id(25534);\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n script_xref(name:\"USN\", value:\"511-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : krb5, librpcsecgss vulnerability (USN-511-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the libraries handling RPCSEC_GSS did not\ncorrectly validate the size of certain packet structures. An\nunauthenticated remote user could send a specially crafted request and\nexecute arbitrary code with root privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/511-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2007-07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-admin-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-ftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-rsh-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-telnetd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krb5-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkadm55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkrb5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkrb5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkrb53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:librpcsecgss-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:librpcsecgss1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:librpcsecgss2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:librpcsecgss3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-admin-server\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-clients\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-doc\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-ftpd\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-kdc\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-rsh-server\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-telnetd\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krb5-user\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libkadm55\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libkrb5-dev\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libkrb53\", pkgver:\"1.4.3-5ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"librpcsecgss-dev\", pkgver:\"0.7-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"librpcsecgss1\", pkgver:\"0.7-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-admin-server\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-clients\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-doc\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-ftpd\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-kdc\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-rsh-server\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-telnetd\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krb5-user\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libkadm55\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libkrb5-dbg\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libkrb5-dev\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libkrb53\", pkgver:\"1.4.3-9ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"librpcsecgss-dev\", pkgver:\"0.13-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"librpcsecgss2\", pkgver:\"0.13-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-admin-server\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-clients\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-doc\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-ftpd\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-kdc\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-rsh-server\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-telnetd\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"krb5-user\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libkadm55\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libkrb5-dbg\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libkrb5-dev\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libkrb53\", pkgver:\"1.4.4-5ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"librpcsecgss-dev\", pkgver:\"0.14-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"librpcsecgss3\", pkgver:\"0.14-2ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-admin-server / krb5-clients / krb5-doc / krb5-ftpd / krb5-kdc / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:55", "description": "SunOS 5.9: NFS & autofs patch.\nDate this patch was last updated by Sun : Mar/09/09", "cvss3": {"score": null, "vector": null}, "published": "2007-06-04T00:00:00", "type": "nessus", "title": "Solaris 9 (sparc) : 113318-35", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2442", "CVE-2007-2882", "CVE-2007-3999", "CVE-2009-0319"], "modified": "2013-03-30T00:00:00", "cpe": [], "id": "SOLARIS9_113318.NASL", "href": "https://www.tenable.com/plugins/nessus/25397", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/09/17.\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(25397);\n script_version(\"1.25\");\n\n script_name(english: \"Solaris 9 (sparc) : 113318-35\");\n script_cve_id(\"CVE-2007-2442\", \"CVE-2007-2882\", \"CVE-2007-3999\", \"CVE-2009-0319\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 113318-35\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.9: NFS & autofs patch.\nDate this patch was last updated by Sun : Mar/09/09');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"https://getupdates.oracle.com/readme/113318-35\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,20);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/06/04\");\n script_cvs_date(\"Date: 2018/08/13 14:32:38\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/09/04\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/05/24\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 113318-35\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n\ninclude(\"solaris.inc\");\n\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWatfsr\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWatfsu\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWcarx\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWcarx\", version:\"11.9.0,REV=2002.04.09.12.25\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWcsr\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWhea\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWnfscr\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWnfscu\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWnfscx\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWnfssr\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWnfssu\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWnfssx\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWrsg\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWrsgk\", version:\"11.9.0,REV=2002.04.06.15.27\");\ne += solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"113318-35\", obsoleted_by:\"122300-41 \", package:\"SUNWrsgx\", version:\"11.9.0,REV=2002.04.06.15.27\");\nif ( e < 0 ) { \n\tif ( NASL_LEVEL < 3000 ) \n\t security_hole(0);\n\telse \n\t security_hole(port:0, extra:solaris_get_report());\n\texit(0); \n} \nexit(0, \"Host is not affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T16:01:33", "description": "The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.11 or a version of Mac OS X 10.3 which does not have Security Update 2007-008 applied. \n\nThis update contains several security fixes for the following programs :\n\n - Flash Player Plugin\n - AppleRAID\n - BIND\n - bzip2\n - CFFTP\n - CFNetwork\n - CoreFoundation\n - CoreText\n - Kerberos\n - Kernel\n - remote_cmds\n - Networking\n - NFS\n - NSURL\n - Safari\n - SecurityAgent\n - WebCore\n - WebKit", "cvss3": {"score": null, "vector": null}, "published": "2007-11-14T00:00:00", "type": "nessus", "title": "Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3456", "CVE-2007-4678", "CVE-2007-2926", "CVE-2005-0953", "CVE-2005-1260", "CVE-2007-4679", "CVE-2007-4680", "CVE-2007-0464", "CVE-2007-4681", "CVE-2007-4682", "CVE-2007-3999", "CVE-2007-4743", "CVE-2007-3749", "CVE-2007-4683", "CVE-2007-4684", "CVE-2007-4685", "CVE-2006-6127", "CVE-2007-4686", "CVE-2007-4687", "CVE-2007-4688", "CVE-2007-4269", "CVE-2007-4689", "CVE-2007-4267", "CVE-2007-4268", "CVE-2007-4690", "CVE-2007-4691", "CVE-2007-0646", "CVE-2007-4692", "CVE-2007-4693", "CVE-2007-4694", "CVE-2007-4695", "CVE-2007-4696", "CVE-2007-4697", "CVE-2007-4698", "CVE-2007-3758", "CVE-2007-3760", "CVE-2007-4671", "CVE-2007-3756", "CVE-2007-4699", "CVE-2007-4700", "CVE-2007-4701"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/28212", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(28212);\n script_version (\"1.23\");\n if ( NASL_LEVEL >= 3000 )\n script_cve_id(\"CVE-2007-3456\", \"CVE-2007-4678\", \"CVE-2007-2926\", \"CVE-2005-0953\", \"CVE-2005-1260\", \n \"CVE-2007-4679\", \"CVE-2007-4680\", \"CVE-2007-0464\", \"CVE-2007-4681\", \"CVE-2007-4682\", \n \"CVE-2007-3999\", \"CVE-2007-4743\", \"CVE-2007-3749\", \"CVE-2007-4683\", \"CVE-2007-4684\", \n \"CVE-2007-4685\", \"CVE-2006-6127\", \"CVE-2007-4686\", \"CVE-2007-4687\", \"CVE-2007-4688\", \n \"CVE-2007-4269\", \"CVE-2007-4689\", \"CVE-2007-4267\", \"CVE-2007-4268\", \"CVE-2007-4690\", \n \"CVE-2007-4691\", \"CVE-2007-0646\", \"CVE-2007-4692\", \"CVE-2007-4693\", \"CVE-2007-4694\", \n \"CVE-2007-4695\", \"CVE-2007-4696\", \"CVE-2007-4697\", \"CVE-2007-4698\", \"CVE-2007-3758\", \n \"CVE-2007-3760\", \"CVE-2007-4671\", \"CVE-2007-3756\", \"CVE-2007-4699\", \"CVE-2007-4700\", \n \"CVE-2007-4701\");\n script_bugtraq_id(26444);\n script_xref(name:\"TRA\", value:\"TRA-2007-07\");\n\n script_name(english:\"Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update which fixes a security\nissue.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.4 which is older\nthan version 10.4.11 or a version of Mac OS X 10.3 which does not have\nSecurity Update 2007-008 applied. \n\nThis update contains several security fixes for the following programs :\n\n - Flash Player Plugin\n - AppleRAID\n - BIND\n - bzip2\n - CFFTP\n - CFNetwork\n - CoreFoundation\n - CoreText\n - Kerberos\n - Kernel\n - remote_cmds\n - Networking\n - NFS\n - NSURL\n - Safari\n - SecurityAgent\n - WebCore\n - WebKit\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2007-07\");\n script_set_attribute(attribute:\"see_also\", value:\"http://docs.info.apple.com/article.html?artnum=307041\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Mac OS X 10.4 : Upgrade to Mac OS X 10.4.11 :\n\nhttp://www.apple.com/support/downloads/macosx10411updateppc.html\nhttp://www.apple.com/support/downloads/macosx10411updateintel.html\n\nMac OS X 10.3 : Apply Security Update 2007-008 :\n\nhttp://www.apple.com/support/downloads/securityupdate20070081039client.html\nhttp://www.apple.com/support/downloads/securityupdate20070081039server.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 20, 22, 79, 119, 134, 189, 200, 264, 287, 362, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/11/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/03/31\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/09/04\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"combined\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\nscript_end_attributes();\n\n script_summary(english:\"Check for the version of Mac OS X\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif ( ! os ) {\n\tos = get_kb_item(\"Host/OS\");\n\tconfidence = get_kb_item(\"Host/OS/Confidence\");\n\tif ( confidence <= 90 ) exit(0);\n\t}\nif ( ! os ) exit(0);\nif ( ereg(pattern:\"Mac OS X 10\\.4($|\\.([1-9]$|10))\", string:os)) security_hole(0);\nelse if ( ereg(pattern:\"Mac OS X 10\\.3\\.\", string:os) )\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if ( ! packages ) exit(0);\n if (!egrep(pattern:\"^SecUpd(Srvr)?2007-008\", string:packages)) security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:36", "description": "The remote host is running a version of Mac OS X 10.4 that is older than version 10.4.11 or a version of Mac OS X 10.3 that does not have Security Update 2007-008 applied. This update contains several security fixes for the following programs :\n\n\n - Flash Player Plugin\n - AppleRAID\n - BIND\n - bzip2\n - CFFTP\n - CFNetwork\n - CoreFoundation\n - CoreText\n - Kerberos\n - Kernel\n - remote_cmds\n - Networking\n - NFS\n - NSURL\n - Safari\n - SecurityAgent\n - WebCore\n - WebKit", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2007-11-15T00:00:00", "type": "nessus", "title": "Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-0953", "CVE-2005-1260", "CVE-2007-2926", "CVE-2007-3999", "CVE-2007-4743", "CVE-2007-3456", "CVE-2007-3760", "CVE-2007-3756", "CVE-2007-0464", "CVE-2007-4678", "CVE-2007-4680", "CVE-2007-4681", "CVE-2007-4691", "CVE-2007-4671", "CVE-2006-6127", "CVE-2007-3749", "CVE-2007-4267", "CVE-2007-4268", "CVE-2007-4269", "CVE-2007-4679", "CVE-2007-4682", "CVE-2007-4683", "CVE-2007-4684", "CVE-2007-4685", "CVE-2007-4686", "CVE-2007-4687", "CVE-2007-4688", "CVE-2007-4689", "CVE-2007-4690", "CVE-2007-4692", "CVE-2007-4693", "CVE-2007-4694", "CVE-2007-4695", "CVE-2007-4696", "CVE-2007-4697", "CVE-2007-4698", "CVE-2007-4699", "CVE-2007-4700", "CVE-2007-4701", "CVE-2007-0646", "CVE-2007-3758"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "4284.PRM", "href": "https://www.tenable.com/plugins/nnm/4284", "sourceData": "Binary data 4284.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-10-22T02:00:23", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1367-2 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 6th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-3999\n\nIt was discovered that a buffer overflow of the RPC library of the MIT\nKerberos reference implementation allows the execution of arbitrary code.\nThe original patch from DSA-1367-1 didn't address the problem fully.\nThis update delivers an updated fix.\n\nThe oldstable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 1.4.4-7etch4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your Kerberos packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch4.dsc\n Size/MD5 checksum: 876 77cfeed4304b589e90db0651c8350d92\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch4.diff.gz\n Size/MD5 checksum: 1589790 dab0c692e09564434a645b13646e5fdd\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz\n Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch4_all.deb\n Size/MD5 checksum: 1811994 3ff6393e824c3416fd36a8e4ad245d42\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 89472 d43903519a6ec1d6ff2dbd6bbececf36\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 245448 b6d7648b9c4827e6c4035695877e200c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 65734 829a6d48898b98cc76e85dab102750e1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 154880 fe3448535d05825b20833b94580074d1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 91454 3b744955a52022455e1bb813705a860f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 75942 46c14d351ed56c88960d2bd3a20779b4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 135934 3ab40ecc6dd191f45ae03a8582945932\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 216080 66abe9f8c7503b6681fa29cf59974d0f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 1087408 240be01391324069e9af19c8117af443\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 1016762 291da65300001e7fc24205be3bd493d1\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_alpha.deb\n Size/MD5 checksum: 460840 e648f5f29d66b15eddceb176570440ab\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 83740 05058bd16775b4fe89e47afb14058ea7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 221734 edc3f9d1a135e39aafbc16e918ee8a7b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 61952 956dd0cfb2dd16f2524375cc3f357044\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 142098 29af8744c756aefa5c77f19c3c5a332e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 86538 a60480f71dd39c72eb51cb404802dea3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 68058 d2de9ab6bd56fb8add00edac92d8da56\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 131122 6b9502cec3a397c29be7ff206197d6d4\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 190364 2ea3ccdaa871aa0fb53edb93636f26b1\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 1070666 d1923d1bf7360747887944c2729368eb\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 767018 63738fc882e783ed30a023b6b38545b6\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_amd64.deb\n Size/MD5 checksum: 426954 5701d1434fb198f26220f84f928ed945\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 78634 416ea01d845105f503ddf99c7758676f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 206074 0f5bd2d2c55fea123a21a16a7efc02e7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 59630 81ab701d038f60e2abcd2aebbf53fc31\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 135836 78a0a1fc05dbf1918b6c865449a35d74\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 81226 f6a57ec4c5d865a604f58bfc93d96e6a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 63232 b392da99a08aea4254d40695e4a53125\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 123352 82aa11476a1bf7feb01dbc356c5f4420\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 172918 f30e6b728ec9d0546ba465c19344b068\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 1013404 1b12de71659a6cd2689fcf3a85cd869e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 682412 5b0c452f8114da126a480943330c5ead\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_arm.deb\n Size/MD5 checksum: 389864 029eb817220bebdc856a8810b57cdabb\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 85108 7c46b2323311c7b4a2de491e773a1e2a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 231894 eda1dac6e62fea03078e68a5397dbde5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 64016 368ee737857838a4bd7df4985e4ae5c5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 144862 46266e20a606556d02e69fd6cb93e078\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 87364 22bf8eccb84d3a03c21a59eef3f7e89b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 69500 e757474d2b1a6d6b938918b0b1dee849\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 132570 90161d70941d761f16923cbb62e7a9e4\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 201042 4aa10dc30dbbde41ef4ef7e87cc3edd5\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 1050428 8c78a8070e4ab6f2fe658d33a2bee329\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 815018 7ecfb1b5fed89b86eb887f8ef18b421f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_hppa.deb\n Size/MD5 checksum: 441492 e4f1e64d39620ae7833cfe4b66888256\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 78428 bd239c7c1e581d536ab837555ffcc571\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 196348 1ce07d159debed55529619751319852d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 57880 9611a24da9801795af3940726b5dbd52\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 133104 cffd0607acb39ba19114033f56df64ef\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 80138 4b5b3aecc77bdbe694ffb9662b645e01\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 62258 171bf997e6f76cc2af8ed1074c39b3a3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 124050 6f2032256a5d8ab0027fc5b215b04b7e\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 173912 650dcfae2ec55e8ce1e27d787b541f39\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 1037652 6793e0d117eb4280b7151e5300591fb3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 679996 bbc574665eb918ae649c648cfe26e1b1\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_i386.deb\n Size/MD5 checksum: 408204 2f3c3ea0f2765acb9885e0a33647ba0d\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 105390 d3e7d363f5f2d5797c6a6e6c4c7b5b24\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 305704 b88a1549ed9e17426e54560e37f54fd6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 80132 1513646f1982780f506438f4e59fcce6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 190398 187339122b125b53f825247512c33af9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 113024 176ced8c8d0feb08cd196cc5048fa0d6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 91130 1a4c299f0aa8d4869d1db2f5fb45b199\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 164426 73b649f11cad11e4616dde7e2cf6e7b4\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 269330 bac1521397f2e5135b4a530d58c0ada5\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 1043480 1eb9773aa0dda3f2dc28e2580b9b188e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 1088228 8f4e27b8a611395ec50486a7defa9ea4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_ia64.deb\n Size/MD5 checksum: 592030 64d88b36c4dbe1b2988397d7d4f957d0\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 82456 ac210eb5d8751714a29ffabed046addd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 232588 c0d59b0f2e4f33c61d3eeefbae13c0ed\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 63630 a58db5a76768de5f756f72cdbf1836f1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 145690 d43fd52f894d1038912174b11728a228\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 87268 2bdd27fd0e7a063d890292ac3ffd34d4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 71406 c057d0abfb0314545c450f8b14c66bfc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 130940 07fb2c972dc9bb7d8391f1b4e74ed6ed\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 179248 b6e2df454b9c06fd852941729f37540a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 1087180 beacba076f641de0884a8b9d028d26ea\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 810128 4f337508fd9603ed5dc8145d89808788\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_mipsel.deb\n Size/MD5 checksum: 391640 173c49364a618e0e05caaf92e1190fdf\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 84186 b89e7b3dc17ceee46db2680ccaff3497\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 222588 7f4e321936c8791f377b1c4be01dd8e9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 61746 80c86dfd14c9676770254001927c226b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 143734 a8062bb672284dc7a52abb052e23510f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 86682 3b00ae318fbf6266545bbced5f21143d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 67206 8cda9e39e2239cbb42595662cb3b0fe1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 137116 a1f0a69e71059daa30c3b96f320356ee\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 179360 5533e34cf7191c040313ca9c128ec67f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 1082964 3bab4542704af8be4b25279ae8d7114c\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 753246 0b3b3bac6d80d2e8d3cdd08a688e7576\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_powerpc.deb\n Size/MD5 checksum: 399188 7aed72cc64abf2dc81fe757fe7b826f9\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 81920 9087f8f415f04b4afaf3c241a6115927\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 224244 b7c4073795b0e7da887ba23f8d228d77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 63194 e40904f3e31d15c2cc17644a84aaf4d5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 140200 938c654fee7f9e2be442fa7de35ee8ea\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 87682 e63a3debfcf3f8fd551cd11229cae9a6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 68596 2df459e41b1760036bda76e6626568f4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 129096 0f44e8f301b21d2f9555184a0c49fa32\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 195272 f2c452d3cfc7e4fb00db2bb03e95360e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 1073310 3e0c9e2e75f582616c1f1b56d2d437e9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 733190 f9d3c0fb763df094c71e71cedc8ec9a8\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_s390.deb\n Size/MD5 checksum: 438800 c37cede38b1b03441ce8ef718f758902\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 76946 b9aa5782f59af4204fe03c352ed22206\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 200100 59d4fbe32ca621ad68182e08af917b99\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 58048 20ae6c32dd3c2e7df8299e456c6d6c0c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 131512 cf6db30decf1954be86f7a3d20f43e3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 78042 9120d943bc4c64d45af1e16c8a16ae41\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 63608 47d94f9abb71bbddeebaec2b1fc7422d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 122880 05b90a8383c57db1fb116ac879d3fe85\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 166456 088585f74d4eba4bf720b3e4b4090eee\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 961738 c3477afbbfebfd2e8f9ce17e13e27d1c\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 680196 d2c91a8c44f48d7ef7124557f2412132\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch4_sparc.deb\n Size/MD5 checksum: 372476 81cb5f92cf2d69b6fa610a39d40c77a2\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2007-09-06T21:25:28", "type": "debian", "title": "[SECURITY] [DSA 1367-2] New krb5 packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-06T21:25:28", "id": "DEBIAN:DSA-1367-2:5B35E", "href": "https://lists.debian.org/debian-security-announce/2007/msg00132.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T02:00:22", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1368-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 4th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : librpcsecgss\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-3999\n\nIt was discovered that a buffer overflow of the library for secure RPC\ncommunication over the rpcsec_gss protocol allows the execution of\narbitrary code.\n\nThe oldstable distribution (sarge) doesn't contain librpcsecgss.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.14-2etch1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your librpcsecgss packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss_0.14-2etch1.dsc\n Size/MD5 checksum: 746 253bb12cce7ac18b200108dfcb430b6a\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss_0.14-2etch1.diff.gz\n Size/MD5 checksum: 1479 b655fc49163d87b9b0a61ae4ead7721b\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss_0.14.orig.tar.gz\n Size/MD5 checksum: 363503 0d4cdee46a98731b1b71e30504589281\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_alpha.deb\n Size/MD5 checksum: 57274 f14e33d1d2ad81884ac8fccaa0f15e27\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_alpha.deb\n Size/MD5 checksum: 36550 9dcab36859a73b0977b9650718631483\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_amd64.deb\n Size/MD5 checksum: 47116 928402ec8a65a5071ba876261a850131\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_amd64.deb\n Size/MD5 checksum: 34222 99f2ff17bc0bce9cf2242c9d374ff961\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_arm.deb\n Size/MD5 checksum: 43648 f861205801b8d530476b3d69b0e5402f\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_arm.deb\n Size/MD5 checksum: 31024 a79a82b857f7d899b584d083a0ce3efa\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_hppa.deb\n Size/MD5 checksum: 50824 ea6a2f15ebde8f2c64c70182e84df600\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_hppa.deb\n Size/MD5 checksum: 36736 5a512850ced537e2de50f5fcd8880a66\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_i386.deb\n Size/MD5 checksum: 41846 f5482b2709d90570e398c191ccd1893f\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_i386.deb\n Size/MD5 checksum: 31140 56656d7169d4ac2339a1e5ec705ff68d\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_ia64.deb\n Size/MD5 checksum: 63226 b03f78f2b82ee21f0c033d7af52ecc4d\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_ia64.deb\n Size/MD5 checksum: 46920 0b0316daa0d61728c9ca92655ee4f91d\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_mips.deb\n Size/MD5 checksum: 49210 a923779962e060499fd5e1a692cd9069\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_mips.deb\n Size/MD5 checksum: 32104 824d370664a00841e9751d27ae605ccb\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_mipsel.deb\n Size/MD5 checksum: 49992 00fb0f876f96ef4667f563ccc027c5a6\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_mipsel.deb\n Size/MD5 checksum: 32766 5ea360f6ad92040b47516337dd8ecab2\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_powerpc.deb\n Size/MD5 checksum: 46960 e0fbf26dfe4ce36758c2f07cacd7e04b\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_powerpc.deb\n Size/MD5 checksum: 34342 d1d69480834e466a535be68003fc4e4c\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_s390.deb\n Size/MD5 checksum: 45304 3efc20a854c8e919cc5f45615abbb2ca\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_s390.deb\n Size/MD5 checksum: 34746 e6e26b7798b81efa49d854cd607398b2\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch1_sparc.deb\n Size/MD5 checksum: 43142 d2d11ef956723155ad3431a9372f1fa8\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch1_sparc.deb\n Size/MD5 checksum: 30610 fb28cf21d0f2aea6fb7b36f17235a69c\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2007-09-04T18:34:21", "type": "debian", "title": "[SECURITY] [DSA 1368-1] New librpcsecgss packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-04T18:34:21", "id": "DEBIAN:DSA-1368-1:B3AD4", "href": "https://lists.debian.org/debian-security-announce/2007/msg00131.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-07T13:38:58", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1367-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 4th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-3999\n\nIt was discovered that a buffer overflow of the RPC library of the MIT\nKerberos reference implementation allows the execution of arbitrary code.\n\nThe oldstable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 1.4.4-7etch3.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.6.dfsg.1-7.\n\nWe recommend that you upgrade your Kerberos packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch3.dsc\n Size/MD5 checksum: 876 594013367fc3fda2538f2a277a6a33cb\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch3.diff.gz\n Size/MD5 checksum: 1588340 d9e7f1c982826ab73d211ef6854bcfb3\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz\n Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch3_all.deb\n Size/MD5 checksum: 1811894 5720ac97342f8b721c59125aaef143ee\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 89400 d94ead3887924e994ea2d5f0db85775f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 245340 3e6676775e06b1033c2e0e61ce4aca9a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 65672 2586b1c6c23fa5d6756b5140cde521d6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 154798 8d81f9a1f0ff0469fdb6e3b6dc06f88d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 91350 45d4633bf9443266728a6732802dc179\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 75856 efe596091e4f0b1c5aab9348ff036c3c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 135834 411f883d341bd43bc83bcd4b6fcf1819\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 215978 af0a35517a2b160d1928b190a60444af\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 1087366 bac9a3e051923e930dfcd2859e000f10\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 1016660 1cf22a325f2b1b57c712e8f737ab0498\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_alpha.deb\n Size/MD5 checksum: 460748 3135d4e34d7bfd3cd994e88185508871\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 83652 3e0fbdf6f2e4584ce6ee3cd7cd432d88\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 221616 71b912fcaaf91459990014771a8a1775\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 61868 9032d83aaf3da46d67cdcfa634121680\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 142026 83219801435cd301a04a05d700a8249a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 86444 b1e541621a972748d50cda7907e5ece5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 67952 dc0274df0a3fad5eb1984efc60ec52ed\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 131044 758a09fdb4869eaf2c979ab77df7b807\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 190280 8b6daa54f7138dc18634a42e17db3043\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 1070554 f26e698c9dcfb939a294288047c9313f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 766914 a99bb169d7338e0d83b8cacb7d0f56ed\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_amd64.deb\n Size/MD5 checksum: 426858 2fd9bb93d95bc089928df33afba4fd9b\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 78536 bc8408258e393841d556f9c7ae857279\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 205966 9a9c58667c3f972674d8f337353fe3ca\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 59532 91bba42ab1089a9be4c689858829850f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 135764 ca3b4ffce34cec6ad0c4bef26635fde4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 81148 f5b6e92fc3184660bd6cb1ba48c2935a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 63138 7758f5245247f3cd4fbd806b0c1edca9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 123260 7fe88570eb24d40c629318fb593fdee4\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 172756 49d67b21471a9780d80340d76abce73c\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 1013162 419a8cec01e9b90733b53ba835b7bf42\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 682200 53dec11121d1ea3d6e5c1efb42b5216a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_arm.deb\n Size/MD5 checksum: 389784 fc588be1ea32e0353ed649f6360b71e5\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 85036 26108d287f1d45456005b5597f58215d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 231808 292e62bf283b67529184e893b935723a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 63932 58450bbd4ff3a8213fcdb9164f8df917\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 144768 e090d7f07c0919c48a98188c0c358369\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 87268 6f0c6d5a616b5ac13ed9e987e009420b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 69400 cd65207f3f5f3b0a59d3843a1b241bc6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 132480 83bd7e33e904bae6d90825e3eebd8479\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 200944 2cf3290d4f2e8403987b96de1978447f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 1050414 ad137a15c4602623e1441024f042268d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 814952 f04fa9142bef63cc68884eab668f7e0e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_hppa.deb\n Size/MD5 checksum: 441404 c5c3619432d798748c0e62ef3f579bba\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 78320 6e3294a7c7016df708de79dec8fba3a9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 196262 5165b6bb2bb52da870c058d179777fe5\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 57774 ffaf906ac3c241a415dc40cd5501058f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 132984 8f4c49b11f7b24658445449c3b6f2479\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 80044 70007d69dd2e8ff167b3cd13977620a6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 62166 647868924e79a044c9e6f91a4a2826f0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 123956 212e98c61276fc3fdc09275a7b2bc8bf\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 173794 64f9ad15a2833200cda12ac5dfc73481\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 1037498 6a3e21a96d75a88a3029f0f7e37931d4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 679892 cfb1240befc0fbcc21593a9b76531d3e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_i386.deb\n Size/MD5 checksum: 408114 4ccde053862d3519cbf80d5d2ce38237\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 105310 e272b64e6e9ad078e8514ab691128ad0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 305618 dd2197f4942044fc2c561ada96dc4b16\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 80054 7ad40d8ad1362a766f5f06cbb784189a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 190320 285c69a27f93f540a3122d80aa82dea8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 112944 b51096d6a1319ad94d6c69b768d4bd36\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 91050 8d4ea64e8b3941474f68510ffa47da97\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 164362 311dcd61d7cfd4cd32ec7af28894a76c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 269176 abd3ede27c9b48fa6a9d629c242ff040\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 1043390 a4dc991c6d983ec8896a8051fa730d12\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 1088046 93c2937284d93663d89f0282c086a964\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_ia64.deb\n Size/MD5 checksum: 591930 7cff27b7a437ccb1c1c8012ab4a97d5d\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 82284 69d0f080cafafefb0931f877c8d95100\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 232228 9e542767de1a14391508bce27b72922c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 63286 777452e11352c14918747325acadb97e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 144668 e21eec1b0eae7d61f6486ca4d9ec380c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 86794 1375a970923c203210bcee77f9bd97aa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 71404 51361c073f49f77c02b816a334dda251\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 130948 9a9541eaf01349415093ff66f676b0de\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 176856 72087c6318f50fad90bbc42cba6c2c0d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 1113244 5ba18bd30330b2b7785ce2183633b950\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 806748 e9020b1284f325183a3e0eb01c117efb\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_mips.deb\n Size/MD5 checksum: 389246 aec41299238edc5c8e5bce69f3a5010a\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 82372 ca5049d6874cacca88f658752fd97999\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 232496 6d4ffbe67663e8bd0e7b8b4c6abc34a1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 63542 fe835aec9756c15eef433a98f03e3ee1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 145594 457d905c8495d046d85ff99b296dbbbf\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 87182 83ae840f1ed6993e6f96fce02daab091\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 71304 43be9eb43351008654f4356d22d9b92a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 130850 8e7feeda98577689b808478bd455b43c\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 179162 d3453a2a290b0b50d0c4e776b081d5ba\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 1087192 2ed84cfdf8b8e66f54ac2d211da30db4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 810008 eb2b9dc21a37e917c5a9ae6c95aa813f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_mipsel.deb\n Size/MD5 checksum: 391546 daa2e76dfd34576a5589ba190ba9506b\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 84082 7bc0256dedf6cec6ac6c6aae1ee45c8b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 222494 e93cb9b749d5dd509886c5b975c08da0\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 61656 86ffa4d31d1a9bb6fe722a00086a84bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 143646 2f3f90abea26dddec79dfb6e7f551ee3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 86586 96893b56a4bdff3fccc35c925b6b4df4\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 67108 3587507e80e08e5534b3f4177ab5d608\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 137000 5cdcbc88ae481478823e36e932a074e5\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 179240 d7d54756a333d7ab4503666989feecdd\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 1082882 2f847afd70b2531f9075533e7198c0a2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 753150 f492bfccdd34c83c5619ce46351f572c\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_powerpc.deb\n Size/MD5 checksum: 399092 2a9fbe6aa9c7b8409b3e215b96b72ea5\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 81852 1ca16095d287f615beec3c4ef1d3b809\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 224178 8d4aceb5911332948cba1041cfc55ee9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 63110 a8dad31d1e55ad607855808a7f7d8694\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 140106 a6e9bfd1bcac1ac44633a0b35b3e6b3f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 87600 4cd531dc3b405cf25209fc5080bb2493\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 68500 1c84026b18e04a2d702dbd139914b406\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 129014 b2e13fdb0931d0d1b6184a4bf13c3733\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 195164 12b9a56afaa4e560dde2835fe667e419\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 1073210 5c43bae751f27afbc38dde88cc4ea148\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 733136 73bf731224e19a06c8db84fd76c9c47f\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_s390.deb\n Size/MD5 checksum: 438706 e1aaeaedbfa2bce186a5a25cd86ba398\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 76824 3ed473d2ad6fd97121ef8ff9760e9d4f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 199982 42eabcb24f8f9aae9bc69406c6019f53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 57966 3edefae24752b561893f84af52df7a73\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 131430 99abed1925f49eba05591e5187c21928\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 77924 7b83187da475bb4a0c90d63ed2a220a6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 63518 4d870e1901fd1529ea646107414164b6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 122774 24ce78e78e878fc3fccbb851787ca46f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 166350 d57e049c74b2ac1dd72f0363f88e287b\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 961370 1ac1f95e76d36ab4c2a00228ffbbfaf3\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 680058 6e1c775b082b100f7a17095ddda0f2b8\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch3_sparc.deb\n Size/MD5 checksum: 372368 05a2c3277f25a40d03a70841ba1e6d86\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2007-09-04T18:30:50", "type": "debian", "title": "[SECURITY] [DSA 1367-1] New krb5 packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-04T18:30:50", "id": "DEBIAN:DSA-1367-1:8D223", "href": "https://lists.debian.org/debian-security-announce/2007/msg00130.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T01:56:32", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1387 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nOctober 15th, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : librpcsecgss\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2007-4743\n\nIt has been discovered that the original patch for a buffer overflow in\nsvc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5\n(CVE-2007-3999, DSA-1368-1) was insufficient to protect from arbitrary\ncode execution in some environments.\n\nThe old stable distribution (sarge) does not contain a librpcseggss\npackage.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.14-2etch3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.14-4.\n\nWe recommend that you upgrade your librpcsecgss package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss_0.14-2etch3.dsc\n Size/MD5 checksum: 1038 dbb737ea9be3a8c959754d43b63982f4\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss_0.14.orig.tar.gz\n Size/MD5 checksum: 363503 0d4cdee46a98731b1b71e30504589281\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss_0.14-2etch3.diff.gz\n Size/MD5 checksum: 1849 c7078a95bfcf735d6d31c2d5f3ef25cd\n\nAlpha architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_alpha.deb\n Size/MD5 checksum: 36716 ed385368f5108ea22a704a288631c5f6\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_alpha.deb\n Size/MD5 checksum: 57488 93acfd2f2984d657222aca703e58d1a5\n\nAMD64 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_amd64.deb\n Size/MD5 checksum: 47982 bc12c0c2c58dc51888c7269319dca08b\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_amd64.deb\n Size/MD5 checksum: 34174 376f547b1227b6f8faaf9c1acca32ea1\n\nARM architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_arm.deb\n Size/MD5 checksum: 31182 3d7ccf54913d51bb1db0724008ad3e9d\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_arm.deb\n Size/MD5 checksum: 43822 904c1a29bd61e225f2d7eb8f6230c367\n\nHP Precision architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_hppa.deb\n Size/MD5 checksum: 36920 cd4f99818fefce5824eaf808bf31fe03\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_hppa.deb\n Size/MD5 checksum: 50996 a962c70ecf318b82c49e67814a50aff1\n\nIntel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_i386.deb\n Size/MD5 checksum: 31308 925e844098880d4f3f4cdc6ae36ddee1\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_i386.deb\n Size/MD5 checksum: 42004 87f60564e6ebf3a0d2a7bd4d5bffe949\n\nIntel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_ia64.deb\n Size/MD5 checksum: 63390 774a0fdb01e0e94e7194edfe7156a0e8\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_ia64.deb\n Size/MD5 checksum: 47070 729964f2405fcc237f1dfcb8ae6640e5\n\nBig endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_mips.deb\n Size/MD5 checksum: 49386 f55502c118efeba50b3b38bad88f6d6c\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_mips.deb\n Size/MD5 checksum: 32302 f1c08ffd0614f188011a27d7ee9b1261\n\nLittle endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_mipsel.deb\n Size/MD5 checksum: 50160 e7d887c8bf5f597f3a755dbbe8c409dc\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_mipsel.deb\n Size/MD5 checksum: 32930 633e57cdd675769637f55c04c8e496e3\n\nPowerPC architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_powerpc.deb\n Size/MD5 checksum: 47160 38fd21665791bd6b6bc7b8d66f28f89b\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_powerpc.deb\n Size/MD5 checksum: 34494 da7f562b38579a589fb15736a5e585c7\n\nIBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_s390.deb\n Size/MD5 checksum: 34930 ae3cac28da2073fef0f02bc587747d56\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_s390.deb\n Size/MD5 checksum: 45480 89c63c16c6572437621e217bf64285ea\n\nSun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss3_0.14-2etch3_sparc.deb\n Size/MD5 checksum: 30776 6a70b84b9837c00688044e6ad0d89810\n http://security.debian.org/pool/updates/main/libr/librpcsecgss/librpcsecgss-dev_0.14-2etch3_sparc.deb\n Size/MD5 checksum: 43336 26a3bc069f160803f64014ca0a7550f9\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2007-10-15T21:10:12", "type": "debian", "title": "[SECURITY] [DSA 1387-1] New librpcsecgss packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2007-10-15T21:10:12", "id": "DEBIAN:DSA-1387-1:AFB79", "href": "https://lists.debian.org/debian-security-announce/2007/msg00162.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T12:46:34", "description": "Kerberos is a protocol suite that provides authenticated communication between two points on a network. The Kerberos V5 administration server utilizes the encrypted SUN-RPC protocol to communicate with its remote clients. A buffer overflow vulnerability has been reported in the Kerberos Administration Server (kadmind). A remote attacker may exploit this vulnerability via a specially crafted RPC request sent to the kadmind daemon. Successful exploitation may allow execution of arbitrary code on the vulnerable system.", "cvss3": {}, "published": "2007-09-06T00:00:00", "type": "checkpoint_advisories", "title": "MIT Kerberos kadmind RPC Library RPCSEC_GSS Authentication Buffer Overflow (CVE-2007-3999)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-06T00:00:00", "id": "CPAI-2007-126", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "saint": [{"lastseen": "2021-07-29T16:40:15", "description": "Added: 12/03/2007 \nCVE: [CVE-2007-3999](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999>) \nBID: [25534](<http://www.securityfocus.com/bid/25534>) \nOSVDB: [37324](<http://www.osvdb.org/37324>) \n\n\n### Background\n\nKerberos is a network authentication protocol which provides strong authentication for client/server applications. [MIT Kerberos 5](<http://web.mit.edu/Kerberos/>) is a free implementation of this protocol. \n\n### Problem\n\nA buffer overflow in the svcauth_gss_validate function in the MIT Kerberos 5 RPC library allows remote attackers to send arbitrary commands by sending a specially crafted RPCSEC_GSS authentication context to the Kerberos administration daemon (kadmind). \n\n### Resolution\n\n[Upgrade](<http://web.mit.edu/Kerberos/dist/>) to krb5-1.5.5 or krb5-1.6.3 or higher or apply the patch found in [MIT krb5 Security Advisory 2007-006](<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt>). Alternatively, apply a fix from your operating system vendor. \n\n### References\n\n<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt> \n<http://www.zerodayinitiative.com/advisories/ZDI-07-052.html> \n\n\n### Limitations\n\nExploit works on MIT Kerberos 5 krb5-1.5.4 on Red Hat Enterprise Linux 4 Update 4 with ExecShield disabled. \n\n### Platforms\n\nLinux \n \n\n", "cvss3": {}, "published": "2007-12-03T00:00:00", "type": "saint", "title": "MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-12-03T00:00:00", "id": "SAINT:401232C1024DF63F0E21DAEE9A92482F", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/mit_krb5_rpcsec_gss", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2016-10-03T15:01:59", "description": "Added: 12/03/2007 \nCVE: [CVE-2007-3999](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999>) \nBID: [25534](<http://www.securityfocus.com/bid/25534>) \nOSVDB: [37324](<http://www.osvdb.org/37324>) \n\n\n### Background\n\nKerberos is a network authentication protocol which provides strong authentication for client/server applications. [MIT Kerberos 5](<http://web.mit.edu/Kerberos/>) is a free implementation of this protocol. \n\n### Problem\n\nA buffer overflow in the svcauth_gss_validate function in the MIT Kerberos 5 RPC library allows remote attackers to send arbitrary commands by sending a specially crafted RPCSEC_GSS authentication context to the Kerberos administration daemon (kadmind). \n\n### Resolution\n\n[Upgrade](<http://web.mit.edu/Kerberos/dist/>) to krb5-1.5.5 or krb5-1.6.3 or higher or apply the patch found in [MIT krb5 Security Advisory 2007-006](<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt>). Alternatively, apply a fix from your operating system vendor. \n\n### References\n\n<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt> \n<http://www.zerodayinitiative.com/advisories/ZDI-07-052.html> \n\n\n### Limitations\n\nExploit works on MIT Kerberos 5 krb5-1.5.4 on Red Hat Enterprise Linux 4 Update 4 with ExecShield disabled. \n\n### Platforms\n\nLinux \n \n\n", "cvss3": {}, "published": "2007-12-03T00:00:00", "type": "saint", "title": "MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2007-12-03T00:00:00", "id": "SAINT:1F1FEA144C05EC87A9DD8734EB048689", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/mit_krb5_rpcsec_gss", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-07-28T14:33:33", "description": "Added: 12/03/2007 \nCVE: [CVE-2007-3999](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999>) \nBID: [25534](<http://www.securityfocus.com/bid/25534>) \nOSVDB: [37324](<http://www.osvdb.org/37324>) \n\n\n### Background\n\nKerberos is a network authentication protocol which provides strong authentication for client/server applications. [MIT Kerberos 5](<http://web.mit.edu/Kerberos/>) is a free implementation of this protocol. \n\n### Problem\n\nA buffer overflow in the svcauth_gss_validate function in the MIT Kerberos 5 RPC library allows remote attackers to send arbitrary commands by sending a specially crafted RPCSEC_GSS authentication context to the Kerberos administration daemon (kadmind). \n\n### Resolution\n\n[Upgrade](<http://web.mit.edu/Kerberos/dist/>) to krb5-1.5.5 or krb5-1.6.3 or higher or apply the patch found in [MIT krb5 Security Advisory 2007-006](<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt>). Alternatively, apply a fix from your operating system vendor. \n\n### References\n\n<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt> \n<http://www.zerodayinitiative.com/advisories/ZDI-07-052.html> \n\n\n### Limitations\n\nExploit works on MIT Kerberos 5 krb5-1.5.4 on Red Hat Enterprise Linux 4 Update 4 with ExecShield disabled. \n\n### Platforms\n\nLinux \n \n\n", "cvss3": {}, "published": "2007-12-03T00:00:00", "type": "saint", "title": "MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-12-03T00:00:00", "id": "SAINT:B2FAAF96F724892FF09F8E2FBC95C803", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/mit_krb5_rpcsec_gss", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-26T11:33:58", "description": "Added: 12/03/2007 \nCVE: [CVE-2007-3999](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999>) \nBID: [25534](<http://www.securityfocus.com/bid/25534>) \nOSVDB: [37324](<http://www.osvdb.org/37324>) \n\n\n### Background\n\nKerberos is a network authentication protocol which provides strong authentication for client/server applications. [MIT Kerberos 5](<http://web.mit.edu/Kerberos/>) is a free implementation of this protocol. \n\n### Problem\n\nA buffer overflow in the svcauth_gss_validate function in the MIT Kerberos 5 RPC library allows remote attackers to send arbitrary commands by sending a specially crafted RPCSEC_GSS authentication context to the Kerberos administration daemon (kadmind). \n\n### Resolution\n\n[Upgrade](<http://web.mit.edu/Kerberos/dist/>) to krb5-1.5.5 or krb5-1.6.3 or higher or apply the patch found in [MIT krb5 Security Advisory 2007-006](<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt>). Alternatively, apply a fix from your operating system vendor. \n\n### References\n\n<http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt> \n<http://www.zerodayinitiative.com/advisories/ZDI-07-052.html> \n\n\n### Limitations\n\nExploit works on MIT Kerberos 5 krb5-1.5.4 on Red Hat Enterprise Linux 4 Update 4 with ExecShield disabled. \n\n### Platforms\n\nLinux \n \n\n", "cvss3": {}, "published": "2007-12-03T00:00:00", "type": "saint", "title": "MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-12-03T00:00:00", "id": "SAINT:7F8A383884D03944BEBA710BB9BDB5A4", "href": "https://download.saintcorporation.com/cgi-bin/exploit_info/mit_krb5_rpcsec_gss", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cert": [{"lastseen": "2021-09-28T17:51:28", "description": "### Overview\n\nAn unspecified vulnerability in MIT Kerberos `kadmind` server may allow an attacker to execute arbitrary code.\n\n### Description\n\nKerberos is a network authentication system that uses a trusted third party to authenticate clients and servers to each other. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions. The `kadmind` daemon is the administration server that runs on the master Kerberos server.\n\nFrom the kadmind manual page: \n \n_This command starts the KADM5 administration server. The administration server runs on the master Kerberos server, which stores the KDC principal database and the KADM5 policy database. Kadmind accepts remote requests to administer the information--exclude in these databases. Remote requests are sent, for example, by kadmin(8) and the kpasswd(1) command, both of which are clients of kadmind._ \nPer [MITKRB5-SA-2007-006](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt>) there is a stack buffer overflow in the RPCSEC_GSS authentication in the RPC library that is included in krb5-1.4 through krb5-1.6.2. Any programs that link against the RPC library may also be affected. \n \nNote that per MITKRB5-SA-2007-006, versions of kerberos prior to krb5-1.5 are not affected. \n \n--- \n \n### Impact\n\nA remote, unauthenticated attacker may be able to execute arbitrary code. \n \n--- \n \n### Solution\n\n**Update** \nThe Kerberos team has released an update to address this issue. Please see [MITKRB5-SA-2007-006](<http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt>) for more information on obtaining fixed software. \n \n--- \n \n \n**Restrict access** \n \nRestricng network access to the Kerberos server may partially mitigate this vulnerability. `kadmind` listens on `749/tcp` by default. \n \n--- \n \n### Vendor Information\n\n883632\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian GNU/Linux __ Affected\n\nNotified: August 24, 2007 Updated: September 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThe Debian project has corrected the buffer overflow in the RPC library alias CVE-2007-3999 in the Kerberos packages in its security advisory DSA 1367.\n\nThe oldstable distribution (sarge) is not affected by this problem. \n \nFor the stable distribution (etch) this problem has been fixed in version 1.4.4-7etch3. \n \nFor the unstable distribution (sid) this problem has been fixed in version 1.6.dfsg.1-7.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Gentoo Linux __ Affected\n\nNotified: August 24, 2007 Updated: October 26, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSee <http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml> for more details.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23883632 Feedback>).\n\n### MIT Kerberos Development Team __ Affected\n\nNotified: August 23, 2007 Updated: September 04, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSee <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt> for more details.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23883632 Feedback>).\n\n### Red Hat, Inc. __ Affected\n\nNotified: August 24, 2007 Updated: September 06, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nThis issue did not affect the version of Kerberos as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.\n\nFor Red Hat Enterprise Linux 5 users we made the following update available for Kerberos to correct this issue \n \n<https://rhn.redhat.com/errata/RHSA-2007-0858.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### SUSE Linux __ Affected\n\nNotified: August 24, 2007 Updated: September 06, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSUSE and openSUSE packages were affected by this vulnerabilities and update packages are released.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sun Microsystems, Inc. __ Affected\n\nNotified: August 24, 2007 Updated: September 06, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSun can confirm that Solaris 8, 9, and 10 are affected by the issue described in CERT advisory VU#883632.\n\nSun has published Sun Alert 103060 which includes details of the Solaris specific impact, contributing factors, workaround options and resolution information, and is available here: \n \n<http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1> \n \nThe Sun Alert will be kept up to date regarding progress on this issue.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Microsoft Corporation Not Affected\n\nNotified: August 24, 2007 Updated: September 04, 2007 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Apple Computer, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### AttachmateWRQ, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### CyberSafe, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### EMC Corporation Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### F5 Networks, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Fedora Project Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### FreeBSD, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Fujitsu Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Hewlett-Packard Company Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Hitachi Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM eServer Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Immunix Communications, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ingrian Networks, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Juniper Networks, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### KTH Kerberos Team Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Mandriva, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: September 04, 2007 Updated: September 04, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Openwall GNU/*/Linux Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### QNX, Software Systems, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Slackware Linux Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Trustix Secure Linux Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ubuntu Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Unisys Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Wind River Systems, Inc. Unknown\n\nNotified: August 24, 2007 Updated: August 24, 2007 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\nView all 44 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n * <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt>\n * <http://secunia.com/advisories/26676/>\n * <http://docs.info.apple.com/article.html?artnum=307041>\n\n### Acknowledgements\n\nThanks to the MIT Kerberos team for information that was used in this report.\n\nThis document was written by Ryan Giobbi.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2007-3999](<http://web.nvd.nist.gov/vuln/detail/CVE-2007-3999>) \n---|--- \n**Severity Metric:** | 8.61 \n**Date Public:** | 2007-09-04 \n**Date First Published:** | 2007-09-04 \n**Date Last Updated: ** | 2007-11-15 13:21 UTC \n**Document Revision: ** | 28 \n", "cvss3": {}, "published": "2007-09-04T00:00:00", "type": "cert", "title": "MIT Kerberos 5 kadmind buffer overflow vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-11-15T13:21:00", "id": "VU:883632", "href": "https://www.kb.cert.org/vuls/id/883632", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:43:55", "description": "The nfs-utils-lib package contains support libraries that are needed by the\r\ncommands and daemons of the nfs-utils package.\r\n\r\nTenable Network Security discovered a stack buffer overflow flaw in the RPC\r\nlibrary used by nfs-utils-lib. A remote unauthenticated attacker who can\r\naccess an application linked against nfs-utils-lib could trigger this flaw\r\nand cause the application to crash. On Red Hat Enterprise Linux 4 it is not\r\npossible to exploit this flaw to run arbitrary code as the overflow is\r\nblocked by FORTIFY_SOURCE. (CVE-2007-3999)\r\n\r\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\r\nwhich contains a backported patch that resolves this issue.", "cvss3": {}, "published": "2007-09-19T00:00:00", "type": "redhat", "title": "(RHSA-2007:0913) Important: nfs-utils-lib security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2017-09-08T08:19:27", "id": "RHSA-2007:0913", "href": "https://access.redhat.com/errata/RHSA-2007:0913", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:43:50", "description": "Kerberos is a network authentication system which allows clients and\r\nservers to authenticate to each other through use of symmetric encryption\r\nand a trusted third party, the KDC. kadmind is the KADM5 administration\r\nserver.\r\n\r\nThe MIT Kerberos Team discovered a problem with the originally published\r\npatch for svc_auth_gss.c (CVE-2007-3999). A remote unauthenticated\r\nattacker who can access kadmind could trigger this flaw and cause kadmind\r\nto crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this\r\nflaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\r\n(CVE-2007-4743)\r\n\r\nThis issue did not affect the versions of Kerberos distributed with Red\r\nHat Enterprise Linux 2.1, 3, or 4.\r\n\r\nUsers of krb5-server are advised to update to these erratum packages which\r\ncontain a corrected backported fix for this issue.", "cvss3": {}, "published": "2007-09-07T00:00:00", "type": "redhat", "title": "(RHSA-2007:0892) Important: krb5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2017-09-08T08:17:19", "id": "RHSA-2007:0892", "href": "https://access.redhat.com/errata/RHSA-2007:0892", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:44:43", "description": "Kerberos is a network authentication system which allows clients and\r\nservers to authenticate to each other through use of symmetric encryption\r\nand a trusted third party, the KDC. kadmind is the KADM5 administration\r\nserver.\r\n\r\nTenable Network Security discovered a stack buffer overflow flaw in the RPC\r\nlibrary used by kadmind. A remote unauthenticated attacker who can access\r\nkadmind could trigger this flaw and cause kadmind to crash. On Red Hat\r\nEnterprise Linux 5 it is not possible to exploit this flaw to run arbitrary\r\ncode as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)\r\n\r\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A\r\nremote unauthenticated attacker who can access kadmind could trigger this\r\nflaw and cause kadmind to crash. (CVE-2007-4000)\r\n\r\nThese issues did not affect the versions of Kerberos distributed with Red\r\nHat Enterprise Linux 2.1, 3, or 4.\r\n\r\nUsers of krb5-server are advised to update to these erratum packages which\r\ncontain backported fixes to correct these issues.", "cvss3": {}, "published": "2007-09-04T00:00:00", "type": "redhat", "title": "(RHSA-2007:0858) Important: krb5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2017-09-08T07:55:16", "id": "RHSA-2007:0858", "href": "https://access.redhat.com/errata/RHSA-2007:0858", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:45:39", "description": "The nfs-utils-lib package contains support libraries that are needed by the\r\ncommands and daemons of the nfs-utils package.\r\n\r\nThe updated nfs-utils package fixes the following vulnerabilities:\r\n\r\nTenable Network Security discovered a stack buffer overflow flaw in the RPC\r\nlibrary used by nfs-utils-lib. A remote unauthenticated attacker who can\r\naccess an application linked against nfs-utils-lib could trigger this flaw\r\nand cause the application to crash. On Red Hat Enterprise Linux 5 it is not\r\npossible to exploit this flaw to run arbitrary code as the overflow is\r\nblocked by FORTIFY_SOURCE. (CVE-2007-3999)\r\n\r\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps NFSv4\r\nunknown uids. If an unknown user ID is encountered on an NFSv4 mounted\r\nfilesystem, the files will default to being owned by 'root' rather than\r\n'nobody'. (CVE-2007-4135)\r\n\r\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\r\nwhich contains backported patches to resolve these issues.", "cvss3": {}, "published": "2007-10-02T00:00:00", "type": "redhat", "title": "(RHSA-2007:0951) Important: nfs-utils-lib security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "2017-09-08T07:53:39", "id": "RHSA-2007:0951", "href": "https://access.redhat.com/errata/RHSA-2007:0951", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "description": "Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. ", "edition": 2, "cvss3": {}, "published": "2007-09-07T16:17:20", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: krb5-1.5-23.fc6", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-07T16:17:20", "id": "FEDORA:L87GHKOH024917", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "This package contains SunLib's implementation of transport-independent RPC (TI-RPC) documentation. This library forms a piece of the base of Open Network Computing (ONC), and is derived directly from the Solaris 2.3 source. TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V Transport Layer Interface (TLI) or an equivalent X/Open Transport Interface (XTI). TI-RPC is on-the-wire compatible with the TS-RPC, which is supported by almost 70 vendors on all major operating systems. TS-RPC source code (RPCSRC 4.0) remains available from several internet sites. ", "edition": 2, "cvss3": {}, "published": "2008-03-06T16:36:06", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: libtirpc-0.1.7-15.fc8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2008-03-06T16:36:06", "id": "FEDORA:M26GAWJI013140", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "description": "Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. ", "edition": 2, "cvss3": {}, "published": "2007-09-04T21:28:43", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: krb5-1.5-22.fc6", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2007-09-04T21:28:43", "id": "FEDORA:L84LSHKJ025738", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "description": "Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. ", "edition": 2, "cvss3": {}, "published": "2007-09-04T22:14:03", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: krb5-1.6.1-3.fc7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0956", "CVE-2007-0957", "CVE-2007-2442", "CVE-2007-2443", "CVE-2007-2798", "CVE-2007-3999", "CVE-2007-4000"], "modified": "2007-09-04T22:14:03", "id": "FEDORA:L84MDMEP030074", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "description": "Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. ", "edition": 2, "cvss3": {}, "published": "2007-09-07T17:21:06", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: krb5-1.6.1-4.fc7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0956", "CVE-2007-0957", "CVE-2007-2442", "CVE-2007-2443", "CVE-2007-2798", "CVE-2007-3999", "CVE-2007-4000", "CVE-2007-4743"], "modified": "2007-09-07T17:21:06", "id": "FEDORA:L87HKEOO000802", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. ", "edition": 2, "cvss3": {}, "published": "2008-03-21T22:18:10", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: krb5-1.6.1-9.fc7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0956", "CVE-2007-0957", "CVE-2007-2442", "CVE-2007-2443", "CVE-2007-2798", "CVE-2007-3999", "CVE-2007-4000", "CVE-2007-4743", "CVE-2007-5901", "CVE-2007-5971", "CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947"], "modified": "2008-03-21T22:18:10", "id": "FEDORA:M2LMMNJ4021372", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "zdi": [{"lastseen": "2022-01-31T22:41:53", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MIT Kerberos. Authentication is not required to exploit this vulnerability. The specific flaw exists in the svcauth_gss_validate() function. By sending a large authentication context over RPC, a stack based buffer overflow occurs, resulting in a situation allowing for remote code execution. The vulnerable line of the function is: memcpy((caddr_t)buf, oa->oa_base, oa->oa_length); If 128 < oa->oa_length < 400, the exploitable situation occurs. Over 400 bytes is caught during a separate check for MAX_AUTH_SIZE earlier in the RPC packet decoding process.", "cvss3": {}, "published": "2007-09-12T00:00:00", "type": "zdi", "title": "Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-12T00:00:00", "id": "ZDI-07-052", "href": "https://www.zerodayinitiative.com/advisories/ZDI-07-052/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:34", "description": " [ 1.0.6-8.z1]\n - Fixed RPC library buffer overflow (bz 265001) ", "cvss3": {}, "published": "2007-09-19T00:00:00", "type": "oraclelinux", "title": "Important: nfs-utils-lib security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-19T00:00:00", "id": "ELSA-2007-0913", "href": "http://linux.oracle.com/errata/ELSA-2007-0913.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:39", "description": " [1.5-28]\n - add preliminary patch to fix buffer overflow in rpcsec_gss implementation\n in libgssrpc (#250973, CVE-2007-3999) and write through uninitialized\n pointer in kadmind (#250976, CVE-2007-4000) ", "cvss3": {}, "published": "2007-09-04T00:00:00", "type": "oraclelinux", "title": "Important: krb5 security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2007-4000", "CVE-2007-3999"], "modified": "2007-09-04T00:00:00", "id": "ELSA-2007-0858", "href": "http://linux.oracle.com/errata/ELSA-2007-0858.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:59", "description": " [1.0.8-7.2.z2]\n - Updated libnfsidmap to -17 to fix a security issue (bz 254041)\n \n [1.0.8-7.2.z1]\n - Fixed RPC library buffer overflow (bz 265061) ", "cvss3": {}, "published": "2007-10-02T00:00:00", "type": "oraclelinux", "title": "Important: nfs-utils-lib security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2007-4135", "CVE-2007-3999"], "modified": "2007-10-02T00:00:00", "id": "ELSA-2007-0951", "href": "http://linux.oracle.com/errata/ELSA-2007-0951.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:19", "description": " [1.5-29]\n - update to revised patch for CVE-2007-3999 ", "cvss3": {}, "published": "2007-09-07T00:00:00", "type": "oraclelinux", "title": "Important: krb5 security update ", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2007-4743", "CVE-2007-3999"], "modified": "2007-09-07T00:00:00", "id": "ELSA-2007-0892", "href": "http://linux.oracle.com/errata/ELSA-2007-0892.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "metasploit": [{"lastseen": "2021-05-21T00:24:40", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Gentoo Linux: CVE-2007-3999: MIT Kerberos 5: Multiple vulnerabilities", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/GENTOO-LINUX-CVE-2007-3999/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-05-21T00:24:39", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "USN-511-1: Kerberos vulnerability", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/UBUNTU-USN-511-1/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-05-21T00:24:44", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2007:0858: krb5 security update", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2007-0858/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-05-21T00:24:41", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "CESA-2007:0951: nfs-utils-lib security update", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-CESA-2007-0951/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:16:18", "description": "### Background\n\nlibrpcsecgss is an implementation of RPCSEC_GSS for secure RPC communications. \n\n### Description\n\nA stack based buffer overflow has been discovered in the svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when processing an overly long string in a RPC message. \n\n### Impact\n\nA remote attacker could send a specially crafted RPC request to an application relying on this library, e.g NFSv4 or Kerberos (GLSA-200709-01), resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll librpcsecgss users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/librpcsecgss-0.16\"", "cvss3": {}, "published": "2007-10-04T00:00:00", "type": "gentoo", "title": "RPCSEC_GSS library: Buffer overflow", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-10-04T00:00:00", "id": "GLSA-200710-01", "href": "https://security.gentoo.org/glsa/200710-01", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-17T19:16:25", "description": "### Background\n\nMIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon. \n\n### Description\n\nA stack buffer overflow (CVE-2007-3999) has been reported in svcauth_gss_validate() of the RPC library of kadmind. Another vulnerability (CVE-2007-4000) has been found in kadm5_modify_policy_internal(), which does not check the return values of krb5_db_get_policy() correctly. \n\n### Impact\n\nThe RPC related vulnerability can be exploited by a remote unauthenticated attacker to execute arbitrary code with root privileges on the host running kadmind. The second vulnerability requires the remote attacker to be authenticated and to have \"modify policy\" privileges. It could then also allow for the remote execution of arbitrary code. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll MIT Kerberos 5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.5.3-r1\"", "cvss3": {}, "published": "2007-09-11T00:00:00", "type": "gentoo", "title": "MIT Kerberos 5: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2007-09-11T00:00:00", "id": "GLSA-200709-01", "href": "https://security.gentoo.org/glsa/200709-01", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:47:42", "description": "Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.", "cvss3": {}, "published": "2007-09-05T10:17:00", "type": "cve", "title": "CVE-2007-3999", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2020-01-21T15:45:00", "cpe": ["cpe:/a:mit:kerberos_5:1.5", "cpe:/a:mit:kerberos_5:1.4.4", "cpe:/a:mit:kerberos_5:1.6.1", "cpe:/a:mit:kerberos_5:1.6.2", "cpe:/a:mit:kerberos_5:1.5.2", "cpe:/a:mit:kerberos_5:1.4.3", "cpe:/a:mit:kerberos_5:1.4.2", "cpe:/a:mit:kerberos_5:1.4.1", "cpe:/a:mit:kerberos_5:1.5.3", "cpe:/a:mit:kerberos_5:1.6", "cpe:/a:mit:kerberos_5:1.5.1", "cpe:/a:mit:kerberos_5:1.4"], "id": "CVE-2007-3999", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3999", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:04:10", "description": "The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.", "cvss3": {}, "published": "2007-09-06T22:17:00", "type": "cve", "title": "CVE-2007-4743", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2020-01-21T15:45:00", "cpe": ["cpe:/a:mit:kerberos_5:1.5", "cpe:/a:mit:kerberos_5:1.4.4", "cpe:/a:mit:kerberos_5:1.6.1", "cpe:/a:mit:kerberos_5:1.6.2", "cpe:/a:mit:kerberos_5:1.5.2", "cpe:/a:mit:kerberos_5:1.4.3", "cpe:/a:mit:kerberos_5:1.4.2", "cpe:/a:mit:kerberos_5:1.4.1", "cpe:/a:mit:kerberos_5:1.5.3", "cpe:/a:mit:kerberos_5:1.6", "cpe:/a:mit:kerberos_5:1.5.1", "cpe:/a:mit:kerberos_5:1.4"], "id": "CVE-2007-4743", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4743", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2021-11-22T22:02:01", "description": "Stack-based buffer overflow in the svcauth_gss_validate function in\nlib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT\nKerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration\ndaemon (kadmind) and some third-party applications that use krb5, allows\nremote attackers to cause a denial of service (daemon crash) and probably\nexecute arbitrary code via a long string in an RPC message.", "cvss3": {}, "published": "2007-09-05T00:00:00", "type": "ubuntucve", "title": "CVE-2007-3999", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-05T00:00:00", "id": "UB:CVE-2007-3999", "href": "https://ubuntu.com/security/CVE-2007-3999", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T15:54:00", "description": "**CentOS Errata and Security Advisory** CESA-2007:0913\n\n\nThe nfs-utils-lib package contains support libraries that are needed by the\r\ncommands and daemons of the nfs-utils package.\r\n\r\nTenable Network Security discovered a stack buffer overflow flaw in the RPC\r\nlibrary used by nfs-utils-lib. A remote unauthenticated attacker who can\r\naccess an application linked against nfs-utils-lib could trigger this flaw\r\nand cause the application to crash. On Red Hat Enterprise Linux 4 it is not\r\npossible to exploit this flaw to run arbitrary code as the overflow is\r\nblocked by FORTIFY_SOURCE. (CVE-2007-3999)\r\n\r\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\r\nwhich contains a backported patch that resolves this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051126.html\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051127.html\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051152.html\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051153.html\n\n**Affected packages:**\nnfs-utils-lib\nnfs-utils-lib-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2007:0913", "cvss3": {}, "published": "2007-09-19T17:59:57", "type": "centos", "title": "nfs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-21T11:35:22", "id": "CESA-2007:0913", "href": "https://lists.centos.org/pipermail/centos-announce/2007-September/051126.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T15:53:49", "description": "**CentOS Errata and Security Advisory** CESA-2007:0858\n\n\nKerberos is a network authentication system which allows clients and\r\nservers to authenticate to each other through use of symmetric encryption\r\nand a trusted third party, the KDC. kadmind is the KADM5 administration\r\nserver.\r\n\r\nTenable Network Security discovered a stack buffer overflow flaw in the RPC\r\nlibrary used by kadmind. A remote unauthenticated attacker who can access\r\nkadmind could trigger this flaw and cause kadmind to crash. On Red Hat\r\nEnterprise Linux 5 it is not possible to exploit this flaw to run arbitrary\r\ncode as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)\r\n\r\nGarrett Wollman discovered an uninitialized pointer flaw in kadmind. A\r\nremote unauthenticated attacker who can access kadmind could trigger this\r\nflaw and cause kadmind to crash. (CVE-2007-4000)\r\n\r\nThese issues did not affect the versions of Kerberos distributed with Red\r\nHat Enterprise Linux 2.1, 3, or 4.\r\n\r\nUsers of krb5-server are advised to update to these erratum packages which\r\ncontain backported fixes to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051095.html\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051096.html\n\n**Affected packages:**\nkrb5\nkrb5-devel\nkrb5-libs\nkrb5-server\nkrb5-workstation\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2007:0858", "cvss3": {}, "published": "2007-09-05T00:50:27", "type": "centos", "title": "krb5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4000"], "modified": "2007-09-05T00:50:27", "id": "CESA-2007:0858", "href": "https://lists.centos.org/pipermail/centos-announce/2007-September/051095.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T15:53:19", "description": "**CentOS Errata and Security Advisory** CESA-2007:0951\n\n\nThe nfs-utils-lib package contains support libraries that are needed by the\r\ncommands and daemons of the nfs-utils package.\r\n\r\nThe updated nfs-utils package fixes the following vulnerabilities:\r\n\r\nTenable Network Security discovered a stack buffer overflow flaw in the RPC\r\nlibrary used by nfs-utils-lib. A remote unauthenticated attacker who can\r\naccess an application linked against nfs-utils-lib could trigger this flaw\r\nand cause the application to crash. On Red Hat Enterprise Linux 5 it is not\r\npossible to exploit this flaw to run arbitrary code as the overflow is\r\nblocked by FORTIFY_SOURCE. (CVE-2007-3999)\r\n\r\nTony Ernst from SGI has discovered a flaw in the way nfsidmap maps NFSv4\r\nunknown uids. If an unknown user ID is encountered on an NFSv4 mounted\r\nfilesystem, the files will default to being owned by 'root' rather than\r\n'nobody'. (CVE-2007-4135)\r\n\r\nUsers of nfs-utils-lib are advised to upgrade to this updated package,\r\nwhich contains backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2007-October/051187.html\nhttps://lists.centos.org/pipermail/centos-announce/2007-October/051188.html\n\n**Affected packages:**\nnfs-utils-lib\nnfs-utils-lib-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2007:0951", "cvss3": {}, "published": "2007-10-03T06:03:16", "type": "centos", "title": "nfs security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4135"], "modified": "2007-10-03T06:03:18", "id": "CESA-2007:0951", "href": "https://lists.centos.org/pipermail/centos-announce/2007-October/051187.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T15:53:52", "description": "**CentOS Errata and Security Advisory** CESA-2007:0892\n\n\nKerberos is a network authentication system which allows clients and\r\nservers to authenticate to each other through use of symmetric encryption\r\nand a trusted third party, the KDC. kadmind is the KADM5 administration\r\nserver.\r\n\r\nThe MIT Kerberos Team discovered a problem with the originally published\r\npatch for svc_auth_gss.c (CVE-2007-3999). A remote unauthenticated\r\nattacker who can access kadmind could trigger this flaw and cause kadmind\r\nto crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this\r\nflaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.\r\n(CVE-2007-4743)\r\n\r\nThis issue did not affect the versions of Kerberos distributed with Red\r\nHat Enterprise Linux 2.1, 3, or 4.\r\n\r\nUsers of krb5-server are advised to update to these erratum packages which\r\ncontain a corrected backported fix for this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051105.html\nhttps://lists.centos.org/pipermail/centos-announce/2007-September/051106.html\n\n**Affected packages:**\nkrb5\nkrb5-devel\nkrb5-libs\nkrb5-server\nkrb5-workstation\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2007:0892", "cvss3": {}, "published": "2007-09-07T13:58:22", "type": "centos", "title": "krb5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2007-09-07T13:58:22", "id": "CESA-2007:0892", "href": "https://lists.centos.org/pipermail/centos-announce/2007-September/051105.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-02-25T00:40:42", "description": "Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.", "cvss3": {}, "published": "2007-09-05T10:17:00", "type": "debiancve", "title": "CVE-2007-3999", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-05T10:17:00", "id": "DEBIANCVE:CVE-2007-3999", "href": "https://security-tracker.debian.org/tracker/CVE-2007-3999", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T19:31:27", "description": "The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.", "cvss3": {}, "published": "2007-09-06T22:17:00", "type": "debiancve", "title": "CVE-2007-4743", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999", "CVE-2007-4743"], "modified": "2007-09-06T22:17:00", "id": "DEBIANCVE:CVE-2007-4743", "href": "https://security-tracker.debian.org/tracker/CVE-2007-4743", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T13:35:24", "description": "It was discovered that the libraries handling RPCSEC_GSS did not correctly \nvalidate the size of certain packet structures. An unauthenticated remote \nuser could send a specially crafted request and execute arbitrary code \nwith root privileges.\n", "cvss3": {}, "published": "2007-09-04T00:00:00", "type": "ubuntu", "title": "Kerberos vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3999"], "modified": "2007-09-04T00:00:00", "id": "USN-511-1", "href": "https://ubuntu.com/security/notices/USN-511-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}