Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleELSA-2007-0095
HistoryApr 04, 2007 - 12:00 a.m.

Critical: krb5 security update

2007-04-0400:00:00
Oracle
linux.oracle.com
11

0.968 High

EPSS

Percentile

99.6%

JSON

[1.3.4-46]

  • fix bug ID in changelog

[1.3.4-45]

  • add preliminary patch to fix buffer overflow in krb5kdc and kadmind
    (#231528, CVE-2007-0957)
  • add preliminary patch to fix double-free in kadmind (#231537, CVE-2007-1216)

[1.3.4-44]

  • temporarily disable bug fixes for #143289, #179062, #180671, #202191, #223669
    for security update
  • add preliminary patch to correct unauthorized access via krb5-aware telnet
    daemon (#229782, CVE-2007-0956)

[1.3.4-43]

  • re-enable fixes for #143289, #223669 and rebuild

[1.3.4-42]

  • temporarily back out fixes for #143289, #223669 and rebuild

[1.3.4-41]

  • update rcp non-fatal error patch to fix hangs on write errors, too (Jose
    Plans, #223669)

[1.3.4-40]

  • report a non-fatal error to the remote rcp when the client fails to open a
    file for writing (#223669)

[1.3.4-39]

  • refrain from killing any lingering members of our child’s process group when
    logging that the child process has exited (Jose Plans, #143289)

[1.3.4-38]

[1.3.4-37]

  • update to revised upstream patches for CVE-2006-3083 and CVE-2006-3084
    (MITKRB5-SA-2006-001) to avoid unnecessary error messages from ksu (#209512)

[1.3.4-36]

  • add missing shebang headers to krsh and krlogin wrapper scripts (#209238)

[1.3.4-35]

  • backport changes to make krb5-devel multilib-safe (#202191, prereq for

[1.3.4-34]

  • reapply changes for #198633, #179062, #180671

[1.3.4-33]

  • temporarily revert changes for #198633

[ 1.3.4-32]

  • rebuild

[1.3.4-31]

  • temporarily revert changes for #179062
  • temporarily revert changes for #180671
  • apply patch to fix unchecked calls to setuid() (CVE-2006-3083) and
    seteuid() (CVE-2006-3084) (#197818)

[1.3.4-30]

  • incorporate fixes for hangs in the rsh client and server (#198633)

[1.3.4-29]

  • if we fail to determine the name of a master KDC in
    krb5_get_init_creds_keytab(), return the error we got from the non-master
    rather than the can’t-determine-the-name error, which isn’t so useful,
    matching the current release’s behavior (#180671)

[1.3.4-28]

  • reenable the fix for #179062

Related

openvas 65
suse 1
nessus 35
fedora 8
securityvulns 6
gentoo 3
debian 2
centos 3
osv 1
redhat 2
ubuntu 3
cert 5
ubuntucve 5
cve 5
debiancve 5
d2 1
checkpoint_advisories 1
prion 3
packetstorm 1
vmware 1
openvas
openvas
Fedora Update for krb5 FEDORA-2007-409
2009-02-27 00:00:00
Mandriva Update for krb5 MDKSA-2007:077-1 (krb5)
2009-04-09 00:00:00
SuSE Update for krb5 SUSE-SA:2007:025
2009-01-28 00:00:00
suse
suse
remote code execution in krb5
2007-04-05 12:20:17
nessus
nessus
Mandrake Linux Security Advisory : krb5 (MDKSA-2007:077-1)
2007-04-05 00:00:00
Oracle Linux 3 / 4 / 5 : krb5 (ELSA-2007-0095)
2013-07-12 00:00:00
Debian DSA-1276-1 : krb5 - several vulnerabilities
2007-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.4
2007-04-03 20:14:48
[SECURITY] Fedora Core 6 Update: krb5-1.5-21
2007-04-03 20:13:33
[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.5
2007-06-28 13:30:51
securityvulns
securityvulns
Mltiple MIT Kerberos security vulnerabilities
2007-04-11 00:00:00
MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities
2006-08-09 00:00:00
MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957]
2007-04-04 00:00:00
gentoo
gentoo
MIT Kerberos 5: Arbitrary remote code execution
2007-04-03 00:00:00
Heimdal: Multiple local privilege escalation vulnerabilities
2006-08-23 00:00:00
MIT Kerberos 5: Multiple local privilege escalation vulnerabilities
2006-08-10 00:00:00
debian
debian
[SECURITY] [DSA 1276-1] New krb5 packages fix several vulnerabilities
2007-04-03 21:15:24
[SECURITY] [DSA 1146-1] New krb5 packages fix privilege escalation
2006-08-09 06:10:06
centos
centos
krb5 security update
2007-04-04 00:33:54
krb5 security update
2007-04-03 21:56:56
krb5 security update
2006-08-09 10:57:14
osv
osv
krb5 - several vulnerabilities
2007-04-03 00:00:00
redhat
redhat
(RHSA-2007:0095) Critical: krb5 security update
2007-04-03 00:00:00
(RHSA-2006:0612) krb5 security update
2006-08-08 00:00:00
ubuntu
ubuntu
krb5 vulnerabilities
2007-04-04 00:00:00
krb5 vulnerabilities
2006-08-16 00:00:00
Thunderbird vulnerabilities
2006-07-29 00:00:00
cert
cert
MIT Kerberos (krb5) ftpd and ksu do not properly validate seteuid() calls
2006-08-15 00:00:00
MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls
2006-08-08 00:00:00
MIT Kerberos 5 telnet daemon allows login as arbitrary user
2007-04-03 00:00:00
ubuntucve
ubuntucve
CVE-2006-3083
2006-08-09 00:00:00
CVE-2006-3084
2006-08-09 00:00:00
CVE-2007-0957
2007-04-06 00:00:00
cve
cve
CVE-2006-3084
2006-08-09 10:04:00
CVE-2006-3083
2006-08-09 10:04:00
CVE-2007-0957
2007-04-06 01:19:00
debiancve
debiancve
CVE-2006-3084
2006-08-09 10:04:00
CVE-2006-3083
2006-08-09 10:04:00
CVE-2007-0957
2007-04-06 01:19:00
d2
d2
DSquare Exploit Pack: D2SEC_KRB5_TELNETD
2007-04-06 01:19:00
checkpoint_advisories
checkpoint_advisories
MIT Kerberos V5 KAdminD klog_vsyslog Server Stack Buffer Overflow (CVE-2007-0957)
2010-07-27 00:00:00
prion
prion
Stack overflow
2007-04-06 01:19:00
Double free
2007-04-06 01:19:00
Authentication flaw
2007-04-06 01:19:00
packetstorm
packetstorm
kadmind-overflow.txt
2007-04-11 00:00:00
vmware
vmware
Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.
2007-07-05 00:00:00

0.968 High

EPSS

Percentile

99.6%

JSON
Related for ELSA-2007-0095
openvas65suse1nessus35fedora8securityvulns6gentoo3debian2centos3osv1redhat2ubuntu3cert5ubuntucve5cve5debiancve5d21checkpoint_advisories1prion3packetstorm1vmware1