OracleVM 3.3 / 3.4 : libtirpc (OVMSA-2017-0108)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix for CVE-2017-8779 bz 1449458 - tirpc: fix taddr2uaddr for AFLOCAL bz 1285144 - clntvccreate: Do not hold a global mutex during connect bz 1332520 - Backported upstream debugging bz 1273158 - Fixed...

MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow

Added: 12/03/2007 CVE: CVE-2007-3999 BID: 25534 OSVDB: 37324 Background Kerberos is a network authentication protocol which provides strong authentication for client/server applications. MIT Kerberos 5 is a free implementation of this protocol. Problem A buffer overflow in the svcauthgssvalidate...

krb5 RPC library buffer overflow

Stack-based buffer overflow in the svcauthgssvalidate function in lib/rpc/svcauthgss.c in the RPCSECGSS RPC library librpcsecgss in MIT Kerberos 5 krb5 1.4 through 1.6.2, as used by the Kerberos administration daemon kadmind and some third-party applications that use krb5, allows remote attackers...

MIT Kerberos buffer overflow

Buffer overflow on oversized string in RPC library svcauthgssvalidate function...

CVE-2007-3999

Stack-based buffer overflow in the svcauthgssvalidate function in lib/rpc/svcauthgss.c in the RPCSECGSS RPC library librpcsecgss in MIT Kerberos 5 krb5 1.4 through 1.6.2, as used by the Kerberos administration daemon kadmind and some third-party applications that use krb5, allows remote attackers...