11 matches found
Oracle Linux 5 : Important: / krb5 (ELSA-2007-0858)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0858 advisory. 1.5-28 - add preliminary patch to fix buffer overflow in rpcsecgss implementation in libgssrpc 250973, CVE-2007-3999 and write through uninitialized...
Fedora Update for krb5 FEDORA-2007-2066
Check for the Version of krb5 OpenVAS Vulnerability Test Fedora Update for krb5 FEDORA-2007-2066 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for krb5 FEDORA-2007-690
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 4249)
This update improves the patch for the previously released security update of krb5 to fix CVE-2007-3999 / CVE-2007-4000. CVE-2007-4743 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ...
SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4192)
This update of krb5 fixes two bugs in kadmind that can be used to execute arbitrary code remotely. CVE-2007-3999 / CVE-2007-4000 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
openSUSE 10 Security Update : krb5 (krb5-4191)
This update of krb5 fixes two bugs in kadmind that can be used to execute arbitrary code remotely. CVE-2007-3999, CVE-2007-4000 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update krb5-4191. The...
Mandrake Linux Security Advisory : krb5 (MDKSA-2007:174-1)
A stack-based buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash CVE-2007-3999. This issue is only applicable ...
CVE-2007-4000
The kadm5modifypolicyinternal function in lib/kadm5/srv/svrpolicy.c in the Kerberos administration daemon kadmind in MIT Kerberos 5 krb5 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy"...
CVE-2007-4000
CVE-2007-4000 : In MIT Kerberos 5 kadmind, the kadm5_modify_policy_internal function fails to validate return values when the policy does not exist, allowing a remote authenticated user with the modify policy privilege to trigger a path that writes to an uninitialized pointer and potentially exec...
Important: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 07 Sep 2007 The initial fix for CVE-2007-3999 was found to be incomplete. Packages have...
Important: krb5 security update
1.5-28 - add preliminary patch to fix buffer overflow in rpcsecgss implementation in libgssrpc 250973, CVE-2007-3999 and write through uninitialized pointer in kadmind 250976, CVE-2007-4000...