ID OPENVAS:57788 Type openvas Reporter Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com Modified 2017-07-07T00:00:00
Description
The remote host is missing an update to libapache-mod-auth-kerb
announced via advisory DSA 1247-1.
An off-by-one error leading to a heap-based buffer overflow has been
identified in libapache-mod-auth-kerb, an Apache module for Kerberos
authentication. The error could allow an attacker to trigger an
application crash or potentially execute arbitrary code by sending a
specially crafted Kerberos message.
# OpenVAS Vulnerability Test
# $Id: deb_1247_1.nasl 6616 2017-07-07 12:10:49Z cfischer $
# Description: Auto-generated from advisory DSA 1247-1
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Metadata section for the DSA 1247-1 check (CVE-2006-5989).
# Nothing in this section inspects the target; it only builds the report
# texts and, when `description` is set, registers the plugin and exits.

# Included before anything else; none of its functions are called by name
# in this file.
include("revisions-lib.inc");

# Remediation text shown with a finding. It names two fixed versions:
# 4.996-5.0-rc6-1sarge1 for sarge and 5.3-1 for etch/sid.
tag_solution = "For the stable distribution (sarge), this problem has been fixed in
version 4.996-5.0-rc6-1sarge1.
For the unstable version (sid) and the forthcoming stable version
(etch), this problem has been fixed in version 5.3-1.
We recommend that you upgrade your libapache-mod-auth-kerb package.
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201247-1";

# Finding summary, excerpted from the advisory wording.
tag_summary = "The remote host is missing an update to libapache-mod-auth-kerb
announced via advisory DSA 1247-1.
An off-by-one error leading to a heap-based buffer overflow has been
identified in libapache-mod-auth-kerb, an Apache module for Kerberos
authentication. The error could allow an attacker to trigger an
application crash or potentially execute arbitrary code by sending a
specially crafted kerberos message.";

if (description) {
  # Plugin identity and revision bookkeeping.
  script_id(57788);
  script_version("$Revision: 6616 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $");
  script_tag(name:"creation_date", value:"2008-01-17 23:17:11 +0100 (Thu, 17 Jan 2008)");

  # Cross-references used to correlate this finding with other feeds.
  script_cve_id("CVE-2006-5989");
  script_bugtraq_id(21214);

  # CVSS v2 base 5.0: network vector, low complexity, no authentication,
  # availability impact only (C:N/I:N/A:P).
  # NOTE(review): tag_summary also mentions possible code execution, which
  # this vector does not score; the two are not reconciled here.
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_name("Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com");
  script_family("Debian Local Security Checks");

  # Scheduling prerequisites. Presumably both KB keys are only present after
  # an authenticated SSH login has collected the Debian package list, so a
  # scan without working credentials yields no result from this plugin
  # rather than a "not vulnerable" statement -- confirm against
  # gather-package-list.nasl.
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");

  script_tag(name:"solution", value:tag_solution);
  script_tag(name:"summary", value:tag_summary);

  # The result rests on a package version comparison, and the remediation
  # is a vendor-supplied package update.
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  # Registration only: stop here so the host check is not run in this mode.
  exit(0);
}
#
# The script code starts here
#
# Host check: compare the installed mod-auth-kerb packages with the fixed
# sarge version and report any that are flagged.
#
# isdpkgvuln() and __pkg_match are not defined in this file; presumably both
# come from pkg-lib-deb.inc. The code below treats a NULL return as "nothing
# to report for this package" and any other return as report text.
include("pkg-lib-deb.inc");

res = "";
report = "";

# Only release "DEB3.1" is queried. The 5.3-1 fix that the solution text
# lists for etch/sid is not checked here, so hosts on other releases get no
# finding from this script.
res = isdpkgvuln(pkg:"libapache2-mod-auth-kerb", ver:"4.996-5.0-rc6-1sarge1", rls:"DEB3.1");
if (res != NULL) {
  report += res;
}

res = isdpkgvuln(pkg:"libapache-mod-auth-kerb", ver:"4.996-5.0-rc6-1sarge1", rls:"DEB3.1");
if (res != NULL) {
  report += res;
}

if (report == "") {
  # No package was flagged. Exit code 99 is used only when __pkg_match is
  # set; otherwise the script ends without stating a result, which should
  # not be read as "patched".
  if (__pkg_match) {
    exit(99); # Not vulnerable.
  }
} else {
  # At least one package was flagged: hand the collected text to the scanner.
  security_message(data:report);
}
{"id": "OPENVAS:57788", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)", "description": "The remote host is missing an update to libapache-mod-auth-kerb\nannounced via advisory DSA 1247-1.\n\nAn off-by-one error leading to a heap-based buffer overflow has been\nidentified in libapache-mod-auth-kerb, an Apache module for Kerberos\nauthentication. The error could allow an attacker to trigger an\napplication crash or potentially execute arbitrary code by sending a\nspecially crafted kerberos message.", "published": "2008-01-17T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=57788", "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2006-5989"], "lastseen": "2017-07-24T12:50:04", "viewCount": 0, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2017-07-24T12:50:04", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-5989"]}, {"type": "gentoo", "idList": ["GLSA-200701-14"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200701-14.NASL", "CENTOS_RHSA-2006-0746.NASL", "REDHAT-RHSA-2006-0746.NASL", "DEBIAN_DSA-1247.NASL", "FEDORA_2006-1341.NASL", "ORACLELINUX_ELSA-2006-0746.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:30548"]}, {"type": "centos", "idList": ["CESA-2006:0746"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1247-1:8DA38"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:15204"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0746"]}, {"type": "openvas", "idList": ["OPENVAS:57974"]}, {"type": "redhat", "idList": ["RHSA-2006:0746"]}], "modified": "2017-07-24T12:50:04", "rev": 2}, "vulnersScore": 7.6}, "pluginID": "57788", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1247_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: 
Auto-generated from advisory DSA 1247-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge), this problem has been fixed in\nversion 4.996-5.0-rc6-1sarge1.\n\nFor the unstable version (sid) and the forthcoming stable version\n(etch), this problem has been fixed in version 5.3-1.\n\nWe recommend that you upgrade your libapache-mod-auth-kerb package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201247-1\";\ntag_summary = \"The remote host is missing an update to libapache-mod-auth-kerb\nannounced via advisory DSA 1247-1.\n\nAn off-by-one error leading to a heap-based buffer overflow has been\nidentified in libapache-mod-auth-kerb, an Apache module for Kerberos\nauthentication. 
The error could allow an attacker to trigger an\napplication crash or potentially execute arbitrary code by sending a\nspecially crafted kerberos message.\";\n\n\nif(description)\n{\n script_id(57788);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:17:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-5989\");\n script_bugtraq_id(21214);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-auth-kerb\", ver:\"4.996-5.0-rc6-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache-mod-auth-kerb\", ver:\"4.996-5.0-rc6-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:27:25", "description": "Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.", "edition": 4, "cvss3": {}, "published": "2006-11-20T21:07:00", "title": "CVE-2006-5989", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-5989"], "modified": "2017-10-11T01:31:00", "cpe": ["cpe:/a:mod_auth_kerb:mod_auth_kerb:5.0"], "id": "CVE-2006-5989", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5989", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mod_auth_kerb:mod_auth_kerb:5.0:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5989"], "edition": 1, "description": "### Background\n\nMod_auth_kerb is an Apache authentication module using Kerberos. \n\n### Description\n\nMod_auth_kerb improperly handles component byte encoding in the der_get_oid() function, allowing for a buffer overflow to occur if there are no components which require more than one byte for encoding. \n\n### Impact\n\nAn attacker could try to access a Kerberos protected resource on an Apache server with an incorrectly configured service principal and crash the server process. It is important to note that this buffer overflow is not known to allow for the execution of code. 
\n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll mod_auth_kerb users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apache/mod_auth_kerb-5.0_rc7-r1\"", "modified": "2007-12-30T00:00:00", "published": "2007-01-22T00:00:00", "id": "GLSA-200701-14", "href": "https://security.gentoo.org/glsa/200701-14", "type": "gentoo", "title": "Mod_auth_kerb: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:27", "bulletinFamily": "software", "cvelist": ["CVE-2006-5989"], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216482\nVendor Specific News/Changelog Entry: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206736\nVendor Specific News/Changelog Entry: http://modauthkerb.cvs.sourceforge.net/modauthkerb/mod_auth_kerb/spnegokrb5/der_get.c?r1=1.1&r2=1.1.2.1\nSecurity Tracker: 1017348\n[Secunia Advisory ID:23023](https://secuniaresearch.flexerasoftware.com/advisories/23023/)\n[Secunia Advisory ID:23681](https://secuniaresearch.flexerasoftware.com/advisories/23681/)\n[Secunia Advisory ID:23251](https://secuniaresearch.flexerasoftware.com/advisories/23251/)\n[Secunia Advisory ID:23820](https://secuniaresearch.flexerasoftware.com/advisories/23820/)\nRedHat RHSA: RHSA-2006:0746\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00002.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200701-14.xml\nFrSIRT Advisory: ADV-2006-4633\n[CVE-2006-5989](https://vulners.com/cve/CVE-2006-5989)\nBugtraq ID: 21214\n", "edition": 1, "modified": "2006-09-15T06:03:59", "published": "2006-09-15T06:03:59", "href": "https://vulners.com/osvdb/OSVDB:30548", "id": "OSVDB:30548", "title": "mod_auth_kerb der_get_oid() 
Function Off-By-One Error", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200701-14.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:57974", "href": "http://plugins.openvas.org/nasl.php?oid=57974", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200701-14 (mod_auth_kerb)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mod_auth_kerb is vulnerable to a buffer overflow possibly allowing a Denial\nof Service.\";\ntag_solution = \"All mod_auth_kerb users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=net-www/mod_auth_kerb-5.0_rc7-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200701-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=155782\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200701-14.\";\n\n \n\nif(description)\n{\n script_id(57974);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-5989\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200701-14 (mod_auth_kerb)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/mod_auth_kerb\", unaffected: make_list(\"ge 5.0_rc7-r1\"), vulnerable: make_list(\"lt 5.0_rc7-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:25:08", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5989"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0746\n\n\nmod_auth_kerb is module for the Apache HTTP Server designed to\r\nprovide Kerberos authentication over HTTP.\r\n\r\nAn off by one flaw was found in the way mod_auth_kerb handles certain\r\nKerberos authentication messages. 
A remote client could send a specially\r\ncrafted authentication request which could crash an httpd child process\r\n(CVE-2006-5989).\r\n\r\nA bug in the handling of multiple realms configured using the\r\n\"KrbAuthRealms\" directive has also been fixed.\r\n\r\nAll users of mod_auth_kerb should upgrade to these updated packages, which\r\ncontain backported patches that resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-December/025460.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-December/025462.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-December/025465.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-December/025466.html\n\n**Affected packages:**\nmod_auth_kerb\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0746.html", "edition": 4, "modified": "2006-12-07T17:49:37", "published": "2006-12-06T19:10:44", "href": "http://lists.centos.org/pipermail/centos-announce/2006-December/025460.html", "id": "CESA-2006:0746", "title": "mod_auth_kerb security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:58", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5989"], "description": "mod_auth_kerb is module for the Apache HTTP Server designed to\r\nprovide Kerberos authentication over HTTP.\r\n\r\nAn off by one flaw was found in the way mod_auth_kerb handles certain\r\nKerberos authentication messages. 
A remote client could send a specially\r\ncrafted authentication request which could crash an httpd child process\r\n(CVE-2006-5989).\r\n\r\nA bug in the handling of multiple realms configured using the\r\n\"KrbAuthRealms\" directive has also been fixed.\r\n\r\nAll users of mod_auth_kerb should upgrade to these updated packages, which\r\ncontain backported patches that resolve these issues.", "modified": "2017-09-08T12:13:51", "published": "2006-12-06T05:00:00", "id": "RHSA-2006:0746", "href": "https://access.redhat.com/errata/RHSA-2006:0746", "type": "redhat", "title": "(RHSA-2006:0746) Low: mod_auth_kerb security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:52:10", "description": "The remote host is affected by the vulnerability described in GLSA-200701-14\n(Mod_auth_kerb: Denial of Service)\n\n Mod_auth_kerb improperly handles component byte encoding in the\n der_get_oid() function, allowing for a buffer overflow to occur if\n there are no components which require more than one byte for encoding.\n \nImpact :\n\n An attacker could try to access a Kerberos protected resource on an\n Apache server with an incorrectly configured service principal and\n crash the server process. 
It is important to note that this buffer\n overflow is not known to allow for the execution of code.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2007-01-26T00:00:00", "title": "GLSA-200701-14 : Mod_auth_kerb: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "modified": "2007-01-26T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:mod_auth_kerb", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200701-14.NASL", "href": "https://www.tenable.com/plugins/nessus/24250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200701-14.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24250);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-5989\");\n script_xref(name:\"GLSA\", value:\"200701-14\");\n\n script_name(english:\"GLSA-200701-14 : Mod_auth_kerb: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200701-14\n(Mod_auth_kerb: Denial of Service)\n\n Mod_auth_kerb improperly handles component byte encoding in the\n der_get_oid() function, allowing for a buffer overflow to occur if\n there are no components which require more than one byte for encoding.\n \nImpact :\n\n An 
attacker could try to access a Kerberos protected resource on an\n Apache server with an incorrectly configured service principal and\n crash the server process. It is important to note that this buffer\n overflow is not known to allow for the execution of code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200701-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All mod_auth_kerb users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apache/mod_auth_kerb-5.0_rc7-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mod_auth_kerb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/26\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif 
(!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apache/mod_auth_kerb\", unaffected:make_list(\"ge 5.0_rc7-r1\"), vulnerable:make_list(\"lt 5.0_rc7-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mod_auth_kerb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:05:55", "description": "This update includes the latest upstream release of mod_auth_kerb,\nversion 5.3, which includes the fix for a security issue.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2007-01-17T00:00:00", "title": "Fedora Core 5 : mod_auth_kerb-5.3-2.fc5 (2006-1341)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "modified": "2007-01-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mod_auth_kerb", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:mod_auth_kerb-debuginfo"], "id": "FEDORA_2006-1341.NASL", "href": "https://www.tenable.com/plugins/nessus/24063", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-1341.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24063);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-1341\");\n\n script_name(english:\"Fedora Core 5 : mod_auth_kerb-5.3-2.fc5 (2006-1341)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest upstream release of mod_auth_kerb,\nversion 5.3, which includes the fix for a security issue.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2006-November/001000.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?549096aa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected mod_auth_kerb and / or mod_auth_kerb-debuginfo\npackages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_auth_kerb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_auth_kerb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"mod_auth_kerb-5.3-2.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mod_auth_kerb-debuginfo-5.3-2.fc5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_kerb / mod_auth_kerb-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:25:04", "description": "Updated mod_auth_kerb packages that fix a security flaw and a bug in\nmultiple realm handling are now available for Red Hat Enterprise Linux\n4.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nmod_auth_kerb is module for the Apache HTTP Server designed to provide\nKerberos authentication over HTTP.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. 
A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nA bug in the handling of multiple realms configured using the\n'KrbAuthRealms' directive has also been fixed.\n\nAll users of mod_auth_kerb should upgrade to these updated packages,\nwhich contain backported patches that resolve these issues.", "edition": 27, "published": "2006-12-11T00:00:00", "title": "CentOS 4 : mod_auth_kerb (CESA-2006:0746)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "modified": "2006-12-11T00:00:00", "cpe": ["p-cpe:/a:centos:centos:mod_auth_kerb", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2006-0746.NASL", "href": "https://www.tenable.com/plugins/nessus/23788", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0746 and \n# CentOS Errata and Security Advisory 2006:0746 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(23788);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-5989\");\n script_xref(name:\"RHSA\", value:\"2006:0746\");\n\n script_name(english:\"CentOS 4 : mod_auth_kerb (CESA-2006:0746)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mod_auth_kerb packages that fix a security flaw and a bug in\nmultiple realm handling are now available for Red Hat Enterprise Linux\n4.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nmod_auth_kerb is module for the Apache HTTP Server designed to 
provide\nKerberos authentication over HTTP.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nA bug in the handling of multiple realms configured using the\n'KrbAuthRealms' directive has also been fixed.\n\nAll users of mod_auth_kerb should upgrade to these updated packages,\nwhich contain backported patches that resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-December/013422.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8aeb26fa\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-December/013427.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df0087d0\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-December/013428.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3ffcbf7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_auth_kerb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_auth_kerb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/12/11\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"mod_auth_kerb-5.0-1.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"mod_auth_kerb-5.0-1.3.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"mod_auth_kerb-5.0-1.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_kerb\");\n}\n", "cvss": 
{"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:05:43", "description": "Updated mod_auth_kerb packages that fix a security flaw and a bug in\nmultiple realm handling are now available for Red Hat Enterprise Linux\n4.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nmod_auth_kerb is module for the Apache HTTP Server designed to provide\nKerberos authentication over HTTP.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nA bug in the handling of multiple realms configured using the\n'KrbAuthRealms' directive has also been fixed.\n\nAll users of mod_auth_kerb should upgrade to these updated packages,\nwhich contain backported patches that resolve these issues.", "edition": 28, "published": "2006-12-11T00:00:00", "title": "RHEL 4 : mod_auth_kerb (RHSA-2006:0746)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "modified": "2006-12-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:mod_auth_kerb"], "id": "REDHAT-RHSA-2006-0746.NASL", "href": "https://www.tenable.com/plugins/nessus/23797", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0746. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(23797);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-5989\");\n script_xref(name:\"RHSA\", value:\"2006:0746\");\n\n script_name(english:\"RHEL 4 : mod_auth_kerb (RHSA-2006:0746)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mod_auth_kerb packages that fix a security flaw and a bug in\nmultiple realm handling are now available for Red Hat Enterprise Linux\n4.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nmod_auth_kerb is module for the Apache HTTP Server designed to provide\nKerberos authentication over HTTP.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. 
A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nA bug in the handling of multiple realms configured using the\n'KrbAuthRealms' directive has also been fixed.\n\nAll users of mod_auth_kerb should upgrade to these updated packages,\nwhich contain backported patches that resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-5989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0746\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_auth_kerb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_auth_kerb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/12/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0746\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"mod_auth_kerb-5.0-1.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_kerb\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:43:52", "description": "From Red Hat Security Advisory 2006:0746 :\n\nUpdated mod_auth_kerb packages that fix a security flaw and a bug in\nmultiple realm handling are now available for Red Hat Enterprise Linux\n4.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nmod_auth_kerb is module for the Apache HTTP Server designed to provide\nKerberos authentication over HTTP.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nA bug in the handling of multiple realms configured using the\n'KrbAuthRealms' directive has also been fixed.\n\nAll users of mod_auth_kerb should upgrade to these updated packages,\nwhich contain backported patches that resolve these issues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : mod_auth_kerb (ELSA-2006-0746)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:mod_auth_kerb"], "id": "ORACLELINUX_ELSA-2006-0746.NASL", "href": "https://www.tenable.com/plugins/nessus/67427", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2006:0746 and \n# Oracle Linux Security Advisory ELSA-2006-0746 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67427);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-5989\");\n script_xref(name:\"RHSA\", value:\"2006:0746\");\n\n script_name(english:\"Oracle Linux 4 : mod_auth_kerb (ELSA-2006-0746)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2006:0746 :\n\nUpdated mod_auth_kerb packages that fix a security flaw and a bug in\nmultiple realm handling are now available for Red Hat Enterprise Linux\n4.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nmod_auth_kerb is module for the Apache HTTP Server designed to provide\nKerberos authentication over HTTP.\n\nAn off by one flaw was found in the way mod_auth_kerb handles certain\nKerberos authentication messages. A remote client could send a\nspecially crafted authentication request which could crash an httpd\nchild process (CVE-2006-5989).\n\nA bug in the handling of multiple realms configured using the\n'KrbAuthRealms' directive has also been fixed.\n\nAll users of mod_auth_kerb should upgrade to these updated packages,\nwhich contain backported patches that resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2006-December/000030.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_auth_kerb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_auth_kerb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"mod_auth_kerb-5.0-1.3\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"mod_auth_kerb-5.0-1.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_auth_kerb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:44:45", "description": "An off-by-one error leading to a heap-based buffer overflow has been\nidentified in libapache-mod-auth-kerb, an Apache module for Kerberos\nauthentication. The error could allow an attacker to trigger an\napplication crash or potentially execute arbitrary code by sending a\nspecially crafted kerberos message.", "edition": 25, "published": "2007-05-16T00:00:00", "title": "Debian DSA-1247-1 : libapache-mod-auth-kerb - heap overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5989"], "modified": "2007-05-16T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:libapache-mod-auth-kerb"], "id": "DEBIAN_DSA-1247.NASL", "href": "https://www.tenable.com/plugins/nessus/25225", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1247. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25225);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-5989\");\n script_bugtraq_id(21214);\n script_xref(name:\"DSA\", value:\"1247\");\n\n script_name(english:\"Debian DSA-1247-1 : libapache-mod-auth-kerb - heap overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An off-by-one error leading to a heap-based buffer overflow has been\nidentified in libapache-mod-auth-kerb, an Apache module for Kerberos\nauthentication. The error could allow an attacker to trigger an\napplication crash or potentially execute arbitrary code by sending a\nspecially crafted kerberos message.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2007/dsa-1247\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libapache-mod-auth-kerb package.\n\nFor the stable distribution (sarge), this problem has been fixed in\nversion 4.996-5.0-rc6-1sarge1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:libapache-mod-auth-kerb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libapache-mod-auth-kerb\", reference:\"4.996-5.0-rc6-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libapache2-mod-auth-kerb\", reference:\"4.996-5.0-rc6-1sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:58", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5989"], "description": " [5.0-1.3.el4]\n - add fix for CVE-2006-5989 (Nalin Dahyabhai, #216482) ", "edition": 4, "modified": "2006-12-11T00:00:00", "published": "2006-12-11T00:00:00", "id": "ELSA-2006-0746", "href": "http://linux.oracle.com/errata/ELSA-2006-0746.html", "title": "Low mod_auth_kerb 
security update ", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:20", "bulletinFamily": "software", "cvelist": ["CVE-2006-5989"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDKSA-2006:218\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : apache-mod_auth_kerb\r\n Date : November 23, 2006\r\n Affected: Corporate 4.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n An off-by-one error in the der_get_oid function in mod_auth_kerb 5.0\r\n allows remote attackers to cause a denial of service (crash) via a\r\n crafted Kerberos message that triggers a heap-based buffer overflow in\r\n the component array.\r\n\r\n Packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Corporate 4.0:\r\n 8ce7379b083881bad524a8f2c0f14e26 corporate/4.0/i586/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.i586.rpm \r\n 7b3c02468f28a21609fa86c53af50951 corporate/4.0/SRPMS/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 0200c4ac02a6217d22edc05c74db3378 \r\ncorporate/4.0/x86_64/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.x86_64.rpm \r\n 7b3c02468f28a21609fa86c53af50951 corporate/4.0/SRPMS/apache-mod_auth_kerb-5.0-2.1.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. 
The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\r\n\r\niD8DBQFFZcQDmqjQ0CJFipgRAhX1AJsGMqVdXHk2R2Xryz8HWQD9lHuRjgCgu771\r\nrnLhKqiTqIobFMja1JPTDt4=\r\n=FqH0\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2006-11-25T00:00:00", "published": "2006-11-25T00:00:00", "id": "SECURITYVULNS:DOC:15204", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:15204", "title": "[ MDKSA-2006:218 ] - Updated apache-mod_auth_kerb packages fixes DoS vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:24:19", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5989"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1247-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans\nJanuary 08, 2007\n- ------------------------------------------------------------------------\n\nPackage : libapache-mod-auth-kerb\nVulnerability : heap overflow\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2006-5989\nBugTraq ID : 21214\nDebian Bug : 400589\n\nAn off-by-one error leading to a heap-based buffer overflow has been\nidentified in 
libapache-mod-auth-kerb, an Apache module for Kerberos\nauthentication. The error could allow an attacker to trigger an\napplication crash or potentially execute arbitrary code by sending a\nspecially crafted kerberos message.\n\nFor the stable distribution (sarge), this problem has been fixed in\nversion 4.996-5.0-rc6-1sarge1.\n\nFor the unstable version (sid) and the forthcoming stable version\n(etch), this problem has been fixed in version 5.3-1.\n\nWe recommend that you upgrade your libapache-mod-auth-kerb package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian 3.1 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1.dsc\n Size/MD5 checksum: 744 5e045be08755cab316754a7f214eeaae\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1.diff.gz\n Size/MD5 checksum: 49849 3ebbb5101629ddd8917159c1cbdf20ab\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6.orig.tar.gz\n Size/MD5 checksum: 68787 b6a6c80b25b362eb7394f69cdc91f76d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_amd64.deb\n Size/MD5 checksum: 28574 65078aa7e78f2728499849047eaf2fbb\n 
http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_amd64.deb\n Size/MD5 checksum: 27148 60ce4d39ac022335bd98ea7ed412f24d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_arm.deb\n Size/MD5 checksum: 24078 053e0b54c348251be97c7708d43b5542\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_arm.deb\n Size/MD5 checksum: 25498 e1882b8b0e408cb2339ef4d43c800bd7\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_hppa.deb\n Size/MD5 checksum: 28796 e29c79c55af53fc66cc1ea9084c63403\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_hppa.deb\n Size/MD5 checksum: 27246 4d2394e0fc2a429c03ad6063c9ea2cce\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_i386.deb\n Size/MD5 checksum: 25014 20666ea4edbce196ba0b4ea120425af5\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_i386.deb\n Size/MD5 checksum: 27176 6e7e40781f4beadec9226a918c8d4591\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_ia64.deb\n Size/MD5 checksum: 31886 8146de1df6e65b32e213bfdc9b1320d2\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_ia64.deb\n Size/MD5 checksum: 33946 a2f93809df0703311c64ab28bc71a435\n\nm68k architecture (Motorola Mc680x0)\n\n 
http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_m68k.deb\n Size/MD5 checksum: 24592 111a715b11307ad90a8c3c72d144067d\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_m68k.deb\n Size/MD5 checksum: 24904 058b9470f905b33b7db5c1b7c82b704c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mips.deb\n Size/MD5 checksum: 26282 32ea8b07b5884759d0be1ae80aff2cbe\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mips.deb\n Size/MD5 checksum: 24916 3086189cc29784d14c3c262bf5db79c6\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mipsel.deb\n Size/MD5 checksum: 24750 4e60ed40a92ebd95eac8b1b1a047eeb1\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mipsel.deb\n Size/MD5 checksum: 26078 3debbde1ea8f7bfdded64641019ee035\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_powerpc.deb\n Size/MD5 checksum: 27564 224b00ca30cfbc147af1359bb97d5bf2\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_powerpc.deb\n Size/MD5 checksum: 26050 26618825bca0ebce62a17f372c945dc5\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_s390.deb\n Size/MD5 checksum: 28890 4a105cf32ef83ab8b2f3ea41a3303d69\n 
http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_s390.deb\n Size/MD5 checksum: 27520 9582e86ab07a5fe726c88c35b4463a74\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_sparc.deb\n Size/MD5 checksum: 24014 d7e4b7d6fe57acd4cf5bb100e35a964f\n http://security.debian.org/pool/updates/main/liba/libapache-mod-auth-kerb/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_sparc.deb\n Size/MD5 checksum: 25022 78f3c5282673219f044955496aaed10b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 9, "modified": "2007-01-08T00:00:00", "published": "2007-01-08T00:00:00", "id": "DEBIAN:DSA-1247-1:8DA38", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00002.html", "title": "[SECURITY] [DSA 1247-1] New libapache-mod-auth-kerb packages fix remote denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}