{"cve": [{"lastseen": "2018-10-11T11:34:15", "bulletinFamily": "NVD", "description": "The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.", "modified": "2018-10-10T15:56:27", "published": "2010-05-19T14:30:03", "id": "CVE-2010-1321", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1321", "title": "CVE-2010-1321", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:34", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nMITKRB5-SA-2010-005\r\n\r\nMIT krb5 Security Advisory 2010-005\r\nOriginal release: 2010-05-18\r\n\r\nTopic: GSS-API library null pointer dereference\r\n\r\nCVE-2010-1321\r\n\r\nCVSSv2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C\r\n\r\nCVSSv2 Base Score: 6.8\r\n\r\nAccess Vector: Network\r\nAccess Complexity: Low\r\nAuthentication: Single\r\nConfidentiality Impact: None\r\nIntegrity Impact: None\r\nAvailability Impact: Complete\r\n\r\nCVSSv2 Temporal Score: 5.3\r\n\r\nExploitability: Proof-of-Concept\r\nRemediation Level: Official Fix\r\nReport Confidence: Confirmed\r\n\r\nSUMMARY\r\n=======\r\n\r\nCertain invalid GSS-API tokens can cause a GSS-API acceptor (server)\r\nto crash due to a null pointer dereference in the GSS-API library.\r\n\r\nThis is an implementation vulnerability in MIT krb5, and not a\r\nvulnerability in the Kerberos protocol.\r\n\r\nIMPACT\r\n======\r\n\r\nAn authenticated remote attacker can cause a GSS-API application\r\nserver (including the Kerberos administration 
daemon kadmind) to crash\r\nby sending a malformed GSS-API token that induces a null pointer\r\ndereference.\r\n\r\nAFFECTED SOFTWARE\r\n=================\r\n\r\n* kadmind and other GSS-API server applications in all known releases\r\n of MIT krb5, up to and including krb5-1.8.1\r\n\r\n* third-party GSS-API server applications that link against the\r\n GSS-API library in all known releases of MIT krb5, up to and\r\n including krb5-1.8.1\r\n\r\n* Independent implementations of the krb5 GSS-API mechanism may be\r\n vulnerable, as the underlying bug is based on plausible (but\r\n invalid) assumptions about the Kerberos protocol.\r\n\r\nFIXES\r\n=====\r\n\r\n* The upcoming krb5-1.8.2 release and an upcoming krb5-1.7 series\r\n release will contain a fix for this vulnerability.\r\n\r\n* Apply the following patch. The patch was generated against\r\n krb5-1.8.1, but should also apply to krb5-1.7 series releases.\r\n\r\ndiff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c\r\nindex ce3075f..6241055 100644\r\n- 
--- a/src/lib/gssapi/krb5/accept_sec_context.c\r\n+++ b/src/lib/gssapi/krb5/accept_sec_context.c\r\n@@ -607,6 +607,13 @@ kg_accept_krb5(minor_status, context_handle,\r\n }\r\n #endif\r\n \r\n+ if (authdat->checksum == NULL) {\r\n+ /* missing checksum counts as "inappropriate type" */\r\n+ code = KRB5KRB_AP_ERR_INAPP_CKSUM;\r\n+ major_status = GSS_S_FAILURE;\r\n+ goto fail;\r\n+ }\r\n+\r\n if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) {\r\n /* Samba does not send 0x8003 GSS-API checksums */\r\n krb5_boolean valid;\r\n\r\n\r\n\r\n This patch is also available at\r\n\r\n http://web.mit.edu/kerberos/advisories/2010-005-patch.txt\r\n\r\n A PGP-signed patch is available at\r\n\r\n http://web.mit.edu/kerberos/advisories/2010-005-patch.txt.asc\r\n\r\n\r\nFor the krb5-1.6 release:\r\n\r\n http://web.mit.edu/kerberos/advisories/2010-005-patch_r16.txt\r\n\r\nPGP-signed patch for krb5-1.6:\r\n\r\n http://web.mit.edu/kerberos/advisories/2010-005-patch_r16.txt.asc\r\n\r\n Earlier releases may require minor porting.\r\n\r\n\r\nREFERENCES\r\n==========\r\n\r\nThis announcement is posted at:\r\n\r\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt\r\n\r\nThis announcement and related security advisories may be found on the\r\nMIT Kerberos security advisory page at:\r\n\r\n http://web.mit.edu/kerberos/advisories/index.html\r\n\r\nThe main MIT Kerberos web page is at:\r\n\r\n http://web.mit.edu/kerberos/index.html\r\n\r\nCVSSv2:\r\n\r\n http://www.first.org/cvss/cvss-guide.html\r\n http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\r\n\r\nCVE: CVE-2010-1321\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321\r\n\r\nACKNOWLEDGMENTS\r\n===============\r\n\r\nThanks to Shawn Emery (Oracle) for reporting this vulnerability.\r\n\r\nCONTACT\r\n=======\r\n\r\nThe MIT Kerberos Team security contact address is\r\n<krbcore-security@mit.edu>. 
When sending sensitive information,\r\nplease PGP-encrypt it using the following key:\r\n\r\npub 2048R/8B8DF501 2010-01-15 [expires: 2011-02-01]\r\nuid MIT Kerberos Team Security Contact <krbcore-security@mit.edu>\r\n\r\nDETAILS\r\n=======\r\n\r\nThe krb5 GSS-API mechanism specification requires that the checksum\r\nfield in the authenticator of the Kerberos AP-REQ (which is optional\r\nin the base Kerberos protocol) be present and contain specific\r\ncontents. If the checksum field is missing, the decoded structure\r\ncontains a null pointer, which code called through\r\nkrb5_gss_accept_sec_context() dereferences without first checking for\r\na null pointer.\r\n\r\nIndependent implementations of the krb5 GSS-API mechanism may be\r\nvulnerable because a developer might reasonably make the invalid\r\nassumption that the authenticator checksum field is not empty (and\r\nhence, that the C representation would not contain a null pointer).\r\n\r\nREVISION HISTORY\r\n================\r\n\r\n2010-05-18 original release\r\n\r\nCopyright (C) 2010 Massachusetts Institute of Technology\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 (SunOS)\r\n\r\niEYEARECAAYFAkvy1ooACgkQSO8fWy4vZo4u8gCgz7jbjv/wCB4gvphXuK8x1g1f\r\n+PMAoKOiUzAEan9RPXQ4MN4SJ2Cl1Zl8\r\n=wuxV\r\n-----END PGP SIGNATURE-----", "modified": "2010-05-21T00:00:00", "published": "2010-05-21T00:00:00", "id": "SECURITYVULNS:DOC:23900", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23900", "title": "MITKRB5-SA-2010-005 [CVE-2010-1321] GSS-API lib null pointer deref", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:36", "bulletinFamily": "software", "description": "NULL pointer dereference in server side code.", "modified": "2010-05-21T00:00:00", "published": "2010-05-21T00:00:00", "id": "SECURITYVULNS:VULN:10853", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10853", "title": 
"MIT Kerberos 5 GSS-API library DoS", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:35", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:130\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : heimdal\r\n Date : July 7, 2010\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in heimdal:\r\n \r\n Certain invalid GSS-API tokens can cause a GSS-API acceptor (server)\r\n to crash due to a null pointer dereference in the GSS-API library\r\n (CVE-2010-1321).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321\r\n http://www.h5l.org/advisories.html?show=2010-05-27\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n 
_______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFMNH9nmqjQ0CJFipgRAsE8AKDvy2f3Edmz6Pmkoj1xVMrGj32YYwCfbkMw\r\n+E2oonudfbWDETgh5M0246s=\r\n=X5wQ\r\n-----END PGP SIGNATURE-----", "modified": "2010-07-11T00:00:00", "published": "2010-07-11T00:00:00", "id": "SECURITYVULNS:DOC:24193", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24193", "title": "[ MDVSA-2010:130 ] heimdal", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-01-16T20:11:09", "bulletinFamily": "scanner", "description": "This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))", "modified": "2012-06-14T00:00:00", "published": "2010-10-11T00:00:00", "id": "SUSE_KRB5-7046.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=49876", "title": "SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 7046)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49876);\n script_version (\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2012/06/14 20:24:38 $\");\n\n script_cve_id(\"CVE-2010-1321\");\n\n script_name(english:\"SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 7046)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1321.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7046.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"krb5-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"krb5-client-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"krb5-devel-1.4.3-19.45.1\")) flag++;\nif 
(rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"krb5-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"krb5-apps-clients-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"krb5-apps-servers-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"krb5-client-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"krb5-devel-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"krb5-server-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"krb5-32bit-1.4.3-19.45.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.4.3-19.45.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:48", "bulletinFamily": "scanner", "description": "Shawn Emery discovered a remotely-triggerable NULL pointer dereference\nin the Kerberos GSS-API library which could be used to cause\nGSS-API-authenticated services to crash. This update incorporates\nfixes to instead correctly detect the error and return an error code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-28T00:00:00", "published": "2010-07-01T00:00:00", "id": "FEDORA_2010-8796.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=47512", "title": "Fedora 11 : krb5-1.6.3-31.fc11 (2010-8796)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-8796.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47512);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/28 22:47:43\");\n\n script_cve_id(\"CVE-2010-1321\");\n script_bugtraq_id(37749, 39247);\n script_xref(name:\"FEDORA\", value:\"2010-8796\");\n\n script_name(english:\"Fedora 11 : krb5-1.6.3-31.fc11 (2010-8796)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shawn Emery discovered a remotely-triggerable NULL pointer dereference\nin the Kerberos GSS-API library which could be used to cause\nGSS-API-authenticated services to crash. This update incorporates\nfixes to instead correctly detect the error and return an error code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582466\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-May/041645.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eaf95fb5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"krb5-1.6.3-31.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:48", "bulletinFamily": "scanner", "description": "Shawn Emery discovered a remotely-triggerable NULL pointer dereference\nin the Kerberos GSS-API library which could be used to cause\nGSS-API-authenticated services to crash. 
This update incorporates\nfixes to instead correctly detect the error and return an error code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-28T00:00:00", "published": "2010-07-01T00:00:00", "id": "FEDORA_2010-8805.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=47513", "title": "Fedora 12 : krb5-1.7.1-9.fc12 (2010-8805)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-8805.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47513);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/28 22:47:43\");\n\n script_cve_id(\"CVE-2010-1321\");\n script_bugtraq_id(37486, 37749, 38260, 38904, 39599);\n script_xref(name:\"FEDORA\", value:\"2010-8805\");\n\n script_name(english:\"Fedora 12 : krb5-1.7.1-9.fc12 (2010-8805)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shawn Emery discovered a remotely-triggerable NULL pointer dereference\nin the Kerberos GSS-API library which could be used to cause\nGSS-API-authenticated services to crash. This update incorporates\nfixes to instead correctly detect the error and return an error code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582466\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-May/041654.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42bc04fb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"krb5-1.7.1-9.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:38", "bulletinFamily": "scanner", "description": "A vulnerability has been found and corrected in krb5 :\n\nCertain invalid GSS-API tokens can cause a GSS-API acceptor (server)\nto crash due to a NULL pointer dereference in the GSS-API library\n(CVE-2010-1321).\n\nPackages for 2008.0 and 2009.0 are provided due to the Extended\nMaintenance Program for those 
products.\n\nThe updated packages have been patched to correct this issue.", "modified": "2019-01-02T00:00:00", "published": "2010-05-20T00:00:00", "id": "MANDRIVA_MDVSA-2010-100.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46678", "title": "Mandriva Linux Security Advisory : krb5 (MDVSA-2010:100)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:100. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46678);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2010-1321\");\n script_bugtraq_id(40235);\n script_xref(name:\"MDVSA\", value:\"2010:100\");\n\n script_name(english:\"Mandriva Linux Security Advisory : krb5 (MDVSA-2010:100)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in krb5 :\n\nCertain invalid GSS-API tokens can cause a GSS-API acceptor (server)\nto crash due to a NULL pointer dereference in the GSS-API library\n(CVE-2010-1321).\n\nPackages for 2008.0 and 2009.0 are provided due to the Extended\nMaintenance Program for those products.\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ftp-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64krb53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrb53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkrb53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-client-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:telnet-server-krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ftp-client-krb5-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ftp-server-krb5-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"krb5-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"krb5-server-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"krb5-workstation-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64krb53-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkrb53-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libkrb53-devel-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"telnet-client-krb5-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) 
flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"telnet-server-krb5-1.6.2-7.6mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"ftp-client-krb5-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ftp-server-krb5-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"krb5-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"krb5-server-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"krb5-workstation-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64krb53-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libkrb53-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libkrb53-devel-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"telnet-client-krb5-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"telnet-server-krb5-1.6.3-6.5mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"ftp-client-krb5-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"ftp-server-krb5-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"krb5-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"krb5-server-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"krb5-workstation-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", 
reference:\"lib64krb53-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkrb53-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libkrb53-devel-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"telnet-client-krb5-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"telnet-server-krb5-1.6.3-9.3mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"ftp-client-krb5-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"ftp-server-krb5-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"krb5-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"krb5-server-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"krb5-workstation-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64krb53-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64krb53-devel-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libkrb53-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libkrb53-devel-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"telnet-client-krb5-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"telnet-server-krb5-1.6.3-10.3mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) 
security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:38", "bulletinFamily": "scanner", "description": "This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. (CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))", "modified": "2018-11-10T00:00:00", "published": "2010-05-26T00:00:00", "id": "SUSE_11_2_KRB5-100521.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46730", "title": "openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update krb5-2443.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46730);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2010-1321\");\n\n script_name(english:\"openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)\");\n script_summary(english:\"Check for the krb5-2443 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=596826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00027.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-apps-clients-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-apps-servers-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-client-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-devel-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-plugin-kdb-ldap-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-plugin-preauth-pkinit-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"krb5-server-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"krb5-32bit-1.7-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.7-6.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n 
exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:48", "bulletinFamily": "scanner", "description": "Shawn Emery discovered a remotely-triggerable NULL pointer dereference\nin the Kerberos GSS-API library which could be used to cause\nGSS-API-authenticated services to crash. This update incorporates\nfixes to instead correctly detect the error and return an error code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-20T00:00:00", "published": "2010-07-01T00:00:00", "id": "FEDORA_2010-8749.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=47510", "title": "Fedora 13 : krb5-1.7.1-10.fc13 (2010-8749)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-8749.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47510);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2015/10/20 21:47:26 $\");\n\n script_cve_id(\"CVE-2010-1321\");\n script_xref(name:\"FEDORA\", value:\"2010-8749\");\n\n script_name(english:\"Fedora 13 : krb5-1.7.1-10.fc13 (2010-8749)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shawn Emery discovered a remotely-triggerable NULL pointer dereference\nin the Kerberos GSS-API library which 
could be used to cause\nGSS-API-authenticated services to crash. This update incorporates\nfixes to instead correctly detect the error and return an error code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582466\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-May/041615.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8dae9526\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, 
\"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"krb5-1.7.1-10.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:38", "bulletinFamily": "scanner", "description": "This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))", "modified": "2018-11-10T00:00:00", "published": "2010-05-26T00:00:00", "id": "SUSE_11_0_KRB5-100521.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46727", "title": "openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update krb5-2443.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46727);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2010-1321\");\n\n script_name(english:\"openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)\");\n script_summary(english:\"Check for the krb5-2443 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=596826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00027.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-apps-clients-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-apps-servers-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-client-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-devel-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-plugin-kdb-ldap-1.6.3-9.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-plugin-preauth-pkinit-1.6.3-9.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"krb5-server-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-50.11\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.6.3-50.11\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else 
security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:38", "bulletinFamily": "scanner", "description": "This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. (CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))", "modified": "2018-11-10T00:00:00", "published": "2010-05-26T00:00:00", "id": "SUSE_11_1_KRB5-100521.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46728", "title": "openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update krb5-2443.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46728);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2010-1321\");\n\n script_name(english:\"openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)\");\n script_summary(english:\"Check for the krb5-2443 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=596826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00027.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected krb5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-kdb-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-plugin-preauth-pkinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-apps-clients-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-apps-servers-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-client-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-devel-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-plugin-kdb-ldap-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-plugin-preauth-pkinit-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"krb5-server-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-132.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"krb5-devel-32bit-1.6.3-132.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, 
extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:26", "bulletinFamily": "scanner", "description": "This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. (CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))", "modified": "2013-10-25T00:00:00", "published": "2010-12-02T00:00:00", "id": "SUSE_11_KRB5-100520.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50927", "title": "SuSE 11 Security Update : krb5 (SAT Patch Number 2437)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50927);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:46:55 $\");\n\n script_cve_id(\"CVE-2010-1321\");\n\n script_name(english:\"SuSE 11 Security Update : krb5 (SAT Patch Number 2437)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a denial-of-service vulnerability in kadmind. A\nremote attack can send a malformed GSS-API token that triggers a NULL\npointer dereference. 
(CVE-2010-1321: CVSS v2 Base Score: 6.8 (MEDIUM)\n(AV:N/AC:L/Au:S/C:N/I:N/A:C))\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=596826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1321.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2437.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-apps-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-apps-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = 
get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"krb5-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"krb5-client-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"krb5-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"krb5-client-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"krb5-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"krb5-apps-clients-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"krb5-apps-servers-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"krb5-client-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"krb5-server-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"krb5-32bit-1.6.3-133.33.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"krb5-32bit-1.6.3-133.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": 
"AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:10:37", "bulletinFamily": "scanner", "description": "Updated krb5 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third party, the Key Distribution Center (KDC).\n\nA NULL pointer dereference flaw was discovered in the MIT Kerberos\nGeneric Security Service Application Program Interface (GSS-API)\nlibrary. A remote, authenticated attacker could use this flaw to crash\nany server application using the GSS-API authentication mechanism, by\nsending a specially crafted GSS-API token with a missing checksum\nfield. (CVE-2010-1321)\n\nRed Hat would like to thank the MIT Kerberos Team for responsibly\nreporting this issue. Upstream acknowledges Shawn Emery of Oracle as\nthe original reporter.\n\nAll krb5 users should upgrade to these updated packages, which contain\na backported patch to correct this issue. All running services using\nthe MIT Kerberos libraries must be restarted for the update to take\neffect.", "modified": "2018-11-28T00:00:00", "published": "2010-05-19T00:00:00", "id": "REDHAT-RHSA-2010-0423.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46665", "title": "RHEL 3 / 4 / 5 : krb5 (RHSA-2010:0423)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0423. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46665);\n script_version (\"1.24\");\n script_cvs_date(\"Date: 2018/11/28 11:42:04\");\n\n script_cve_id(\"CVE-2010-1321\");\n script_bugtraq_id(40235);\n script_xref(name:\"RHSA\", value:\"2010:0423\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : krb5 (RHSA-2010:0423)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated krb5 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 3, 4, and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third party, the Key Distribution Center (KDC).\n\nA NULL pointer dereference flaw was discovered in the MIT Kerberos\nGeneric Security Service Application Program Interface (GSS-API)\nlibrary. A remote, authenticated attacker could use this flaw to crash\nany server application using the GSS-API authentication mechanism, by\nsending a specially crafted GSS-API token with a missing checksum\nfield. (CVE-2010-1321)\n\nRed Hat would like to thank the MIT Kerberos Team for responsibly\nreporting this issue. Upstream acknowledges Shawn Emery of Oracle as\nthe original reporter.\n\nAll krb5 users should upgrade to these updated packages, which contain\na backported patch to correct this issue. 
All running services using\nthe MIT Kerberos libraries must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2010-005.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0423\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:krb5-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and 
is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0423\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-devel-1.2.7-72\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-libs-1.2.7-72\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"krb5-server-1.2.7-72\")) flag++;\n\n if 
(rpm_check(release:\"RHEL3\", reference:\"krb5-workstation-1.2.7-72\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"krb5-devel-1.3.4-62.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"krb5-libs-1.3.4-62.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"krb5-server-1.3.4-62.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"krb5-workstation-1.3.4-62.el4_8.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"krb5-devel-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"krb5-libs-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"krb5-server-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"krb5-server-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"krb5-server-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"krb5-workstation-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"krb5-workstation-1.6.1-36.el5_5.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"krb5-workstation-1.6.1-36.el5_5.4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5-devel / krb5-libs / krb5-server / krb5-workstation\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-12-15T11:57:56", "bulletinFamily": "scanner", "description": "Check for the Version of rpm", "modified": "2017-12-15T00:00:00", "published": "2010-04-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831009", 
"id": "OPENVAS:831009", "title": "Mandriva Update for rpm MDVA-2010:130 (rpm)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVA-2010:130 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes an issue with rpm filetriggers : when several\n file triggers are ran in parallel and try to read from stdin, a pipe\n filedescriptor leak leads to a deadlock and rpm freezing.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00042.php\");\n script_id(831009);\n script_version(\"$Revision: 8130 $\");\n script_cve_id(\"CVE-2010-1321\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-30 14:39:22 +0200 (Fri, 30 Apr 2010)\");\n 
script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:130\");\n script_name(\"Mandriva Update for rpm MDVA-2010:130 (rpm)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpm4.6\", rpm:\"librpm4.6~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.6\", rpm:\"lib64rpm4.6~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:25:14", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2010-0423", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122358", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122358", "title": "Oracle Linux Local Check: ELSA-2010-0423", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0423.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122358\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:17:29 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0423\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0423 - krb5 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0423\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0423.html\");\n script_cve_id(\"CVE-2010-1321\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~36.el5_5.4\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~36.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~36.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~36.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:17", "bulletinFamily": "scanner", "description": "Check for the Version of krb5-devel", "modified": "2018-01-10T00:00:00", "published": "2010-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880401", "id": "OPENVAS:1361412562310880401", "title": "CentOS Update for krb5-devel CESA-2010:0423 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2010:0423 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third party, the Key Distribution Center (KDC).\n\n A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\n Security Service Application Program Interface (GSS-API) library. A remote,\n authenticated attacker could use this flaw to crash any server application\n using the GSS-API authentication mechanism, by sending a specially-crafted\n GSS-API token with a missing checksum field. (CVE-2010-1321)\n \n Red Hat would like to thank the MIT Kerberos Team for responsibly reporting\n this issue. Upstream acknowledges Shawn Emery of Oracle as the original\n reporter.\n \n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. 
All running services using the MIT\n Kerberos libraries must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"krb5-devel on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-May/016639.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880401\");\n script_version(\"$Revision: 8356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0423\");\n script_cve_id(\"CVE-2010-1321\");\n script_name(\"CentOS Update for krb5-devel CESA-2010:0423 centos3 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5-devel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.2.7~72\", 
rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:05:04", "bulletinFamily": "scanner", "description": "Check for the Version of krb5-devel", "modified": "2018-01-17T00:00:00", "published": "2010-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880400", "id": "OPENVAS:1361412562310880400", "title": "CentOS Update for krb5-devel CESA-2010:0423 centos4 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2010:0423 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third party, the Key Distribution Center (KDC).\n\n A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\n Security Service Application Program Interface (GSS-API) library. A remote,\n authenticated attacker could use this flaw to crash any server application\n using the GSS-API authentication mechanism, by sending a specially-crafted\n GSS-API token with a missing checksum field. (CVE-2010-1321)\n \n Red Hat would like to thank the MIT Kerberos Team for responsibly reporting\n this issue. Upstream acknowledges Shawn Emery of Oracle as the original\n reporter.\n \n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. 
All running services using the MIT\n Kerberos libraries must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"krb5-devel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-May/016643.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880400\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0423\");\n script_cve_id(\"CVE-2010-1321\");\n script_name(\"CentOS Update for krb5-devel CESA-2010:0423 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5-devel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.3.4~62.el4_8.2\", 
rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:18:39", "bulletinFamily": "scanner", "description": "Check for the Version of heimdal", "modified": "2017-12-19T00:00:00", "published": "2010-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831108", "id": "OPENVAS:831108", "title": "Mandriva Update for heimdal MDVSA-2010:130 (heimdal)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for heimdal MDVSA-2010:130 (heimdal)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in heimdal:\n\n Certain invalid GSS-API tokens can cause a GSS-API acceptor (server)\n to crash due to a null pointer dereference in the GSS-API library\n (CVE-2010-1321).\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"heimdal on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-07/msg00008.php\");\n script_id(831108);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-12 11:56:20 +0200 (Mon, 12 Jul 2010)\");\n script_xref(name: \"MDVSA\", value: \"2010:130\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-1321\");\n script_name(\"Mandriva Update for heimdal MDVSA-2010:130 (heimdal)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of heimdal\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : 
\"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"heimdal-daemons\", rpm:\"heimdal-daemons~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-devel\", rpm:\"heimdal-devel~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-devel-doc\", rpm:\"heimdal-devel-doc~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-ftp\", rpm:\"heimdal-ftp~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-ftpd\", rpm:\"heimdal-ftpd~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-libs\", rpm:\"heimdal-libs~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-login\", rpm:\"heimdal-login~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-rsh\", rpm:\"heimdal-rsh~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-rshd\", rpm:\"heimdal-rshd~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-server\", rpm:\"heimdal-server~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != 
NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-telnet\", rpm:\"heimdal-telnet~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-telnetd\", rpm:\"heimdal-telnetd~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal-workstation\", rpm:\"heimdal-workstation~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"heimdal\", rpm:\"heimdal~1.2~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:57", "bulletinFamily": "scanner", "description": "Check for the Version of krb5", "modified": "2017-12-13T00:00:00", "published": "2010-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870268", "id": "OPENVAS:870268", "title": "RedHat Update for krb5 RHSA-2010:0423-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for krb5 RHSA-2010:0423-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third party, the Key Distribution Center (KDC).\n\n A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\n Security Service Application Program Interface (GSS-API) library. A remote,\n authenticated attacker could use this flaw to crash any server application\n using the GSS-API authentication mechanism, by sending a specially-crafted\n GSS-API token with a missing checksum field. (CVE-2010-1321)\n \n Red Hat would like to thank the MIT Kerberos Team for responsibly reporting\n this issue. Upstream acknowledges Shawn Emery of Oracle as the original\n reporter.\n \n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. All running services using the MIT\n Kerberos libraries must be restarted for the update to take effect.\";\n\ntag_affected = \"krb5 on Red Hat Enterprise Linux (v. 
5 server),\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-May/msg00008.html\");\n script_id(870268);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0423-01\");\n script_cve_id(\"CVE-2010-1321\");\n script_name(\"RedHat Update for krb5 RHSA-2010:0423-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.6.1~36.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.1~36.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.6.1~36.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.1~36.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.6.1~36.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.3.4~62.el4_8.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.3.4~62.el4_8.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.3.4~62.el4_8.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.3.4~62.el4_8.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.3.4~62.el4_8.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-debuginfo\", rpm:\"krb5-debuginfo~1.2.7~72\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.2.7~72\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", 
rpm:\"krb5-libs~1.2.7~72\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.2.7~72\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.2.7~72\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:02", "bulletinFamily": "scanner", "description": "Check for the Version of krb5-devel", "modified": "2017-12-20T00:00:00", "published": "2010-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880400", "id": "OPENVAS:880400", "title": "CentOS Update for krb5-devel CESA-2010:0423 centos4 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2010:0423 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third party, the Key Distribution Center (KDC).\n\n A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\n Security Service Application Program Interface (GSS-API) library. A remote,\n authenticated attacker could use this flaw to crash any server application\n using the GSS-API authentication mechanism, by sending a specially-crafted\n GSS-API token with a missing checksum field. (CVE-2010-1321)\n \n Red Hat would like to thank the MIT Kerberos Team for responsibly reporting\n this issue. Upstream acknowledges Shawn Emery of Oracle as the original\n reporter.\n \n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. 
All running services using the MIT\n Kerberos libraries must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"krb5-devel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-May/016643.html\");\n script_id(880400);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0423\");\n script_cve_id(\"CVE-2010-1321\");\n script_name(\"CentOS Update for krb5-devel CESA-2010:0423 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5-devel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != 
NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.3.4~62.el4_8.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:57:58", "bulletinFamily": "scanner", "description": "Check for the Version of krb5-devel", "modified": "2017-12-18T00:00:00", "published": "2010-05-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880401", "id": "OPENVAS:880401", "title": "CentOS Update for krb5-devel CESA-2010:0423 centos3 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for krb5-devel CESA-2010:0423 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kerberos is a network authentication system which allows clients and\n servers to authenticate to each other using symmetric encryption and a\n trusted third party, the Key Distribution Center (KDC).\n\n A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\n Security Service Application Program Interface (GSS-API) library. A remote,\n authenticated attacker could use this flaw to crash any server application\n using the GSS-API authentication mechanism, by sending a specially-crafted\n GSS-API token with a missing checksum field. (CVE-2010-1321)\n \n Red Hat would like to thank the MIT Kerberos Team for responsibly reporting\n this issue. Upstream acknowledges Shawn Emery of Oracle as the original\n reporter.\n \n All krb5 users should upgrade to these updated packages, which contain a\n backported patch to correct this issue. 
All running services using the MIT\n Kerberos libraries must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"krb5-devel on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-May/016639.html\");\n script_id(880401);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-28 10:00:59 +0200 (Fri, 28 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0423\");\n script_cve_id(\"CVE-2010-1321\");\n script_name(\"CentOS Update for krb5-devel CESA-2010:0423 centos3 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of krb5-devel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-libs\", rpm:\"krb5-libs~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5-workstation\", rpm:\"krb5-workstation~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.2.7~72\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:36", "bulletinFamily": "scanner", "description": "Check for the Version of rootcerts", "modified": "2017-12-25T00:00:00", "published": "2010-03-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830948", "id": "OPENVAS:1361412562310830948", "title": "Mandriva Update for rootcerts MDVA-2010:100 (rootcerts)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rootcerts MDVA-2010:100 (rootcerts)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Adobe Flash plugin has https support, but only searches for SSL\n certificates in /etc/ssl/certs. This advisory provides a compatibility\n symlink at /etc/ssl/certs pointing to /etc/pki/tls/certs to remedy\n this problem.\n\n Additionally this advisory also brings the latest root CA certs\n from the mozilla cvs dated 2010-02-16. The mozilla nss library has\n consequently been rebuilt to pickup these changes and are also being\n provided.\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\";\n\ntag_affected = \"rootcerts on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-03/msg00026.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830948\");\n script_version(\"$Revision: 8244 $\");\n script_cve_id(\"CVE-2010-1321\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 08:29:28 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-22 11:34:53 +0100 (Mon, 22 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:100\");\n script_name(\"Mandriva Update for 
rootcerts MDVA-2010:100 (rootcerts)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rootcerts\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.3.1~0.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.3.1~0.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.3.1~0.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.3.1~0.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts\", rpm:\"rootcerts~20100216.01~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.3.1~0.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.3.1~0.4mdv2008.0\", 
rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.3.1~0.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts\", rpm:\"rootcerts~20100216.01~1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts-java\", rpm:\"rootcerts-java~20100216.01~1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.3.1~0.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts\", rpm:\"rootcerts~20100216.01~1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts-java\", rpm:\"rootcerts-java~20100216.01~1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.4~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", 
rpm:\"libnss-static-devel~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts\", rpm:\"rootcerts~20100216.01~1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts-java\", rpm:\"rootcerts-java~20100216.01~1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.3.1~0.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts\", 
rpm:\"rootcerts~20100216.01~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rootcerts-java\", rpm:\"rootcerts-java~20100216.01~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.3.1~0.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-06T13:04:58", "bulletinFamily": "scanner", "description": "Check for the Version of rpm", "modified": "2018-01-04T00:00:00", "published": "2010-04-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831009", "id": "OPENVAS:1361412562310831009", "title": "Mandriva Update for rpm MDVA-2010:130 (rpm)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for rpm MDVA-2010:130 (rpm)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the 
implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"rpm on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"This update fixes an issue with rpm filetriggers : when several\n file triggers are ran in parallel and try to read from stdin, a pipe\n filedescriptor leak leads to a deadlock and rpm freezing.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00042.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831009\");\n script_version(\"$Revision: 8287 $\");\n script_cve_id(\"CVE-2010-1321\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 08:28:11 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-30 14:39:22 +0200 (Fri, 30 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_xref(name: \"MDVA\", value: \"2010:130\");\n script_name(\"Mandriva Update for rpm MDVA-2010:130 (rpm)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rpm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : 
tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"librpm4.6\", rpm:\"librpm4.6~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"librpm-devel\", rpm:\"librpm-devel~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-rpm\", rpm:\"python-rpm~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm\", rpm:\"rpm~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rpm-build\", rpm:\"rpm-build~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm4.6\", rpm:\"lib64rpm4.6~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64rpm-devel\", rpm:\"lib64rpm-devel~4.6.0~6.1.1mnb2\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-12T14:44:56", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2010:0423\n\n\nKerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third party, the Key Distribution 
Center (KDC).\n\nA NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\nSecurity Service Application Program Interface (GSS-API) library. A remote,\nauthenticated attacker could use this flaw to crash any server application\nusing the GSS-API authentication mechanism, by sending a specially-crafted\nGSS-API token with a missing checksum field. (CVE-2010-1321)\n\nRed Hat would like to thank the MIT Kerberos Team for responsibly reporting\nthis issue. Upstream acknowledges Shawn Emery of Oracle as the original\nreporter.\n\nAll krb5 users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. All running services using the MIT\nKerberos libraries must be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-June/016711.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-June/016712.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-May/016639.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-May/016641.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-May/016643.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-May/016644.html\n\n**Affected packages:**\nkrb5\nkrb5-devel\nkrb5-libs\nkrb5-server\nkrb5-workstation\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0423.html", "modified": "2010-06-01T13:20:58", "published": "2010-05-21T23:00:31", "href": "http://lists.centos.org/pipermail/centos-announce/2010-May/016639.html", "id": "CESA-2010:0423", "title": "krb5 security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T18:11:25", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 40235\r\nCVE ID: 
CVE-2010-1321\r\n\r\nKerberos is a widely used network protocol that uses strong encryption to authenticate clients and servers. MIT Kerberos 5 is a commonly used open-source Kerberos implementation.\r\n\r\nThe GSS-API library in MIT Kerberos contains a null pointer dereference error. An authenticated remote attacker can exploit this vulnerability by sending a specially crafted GSS-API token that lacks the checksum field, crashing server applications that use the GSS-API authentication mechanism.\n\nMIT Kerberos 5 1.8\r\nMIT Kerberos 5 1.7\r\nMIT Kerberos 5 1.6\nVendor patches:\r\n\r\nMIT\r\n---\r\nThe vendor has released an upgrade patch that fixes this security issue; download it from the vendor home page:\r\n\r\nhttp://web.mit.edu/kerberos/advisories/2010-005-patch.txt\r\nhttp://web.mit.edu/kerberos/advisories/2010-005-patch.txt.asc\r\nhttp://web.mit.edu/kerberos/advisories/2010-005-patch_r16.txt\r\nhttp://web.mit.edu/kerberos/advisories/2010-005-patch_r16.txt.asc\r\n\r\nRedHat\r\n------\r\nRedHat has released a security advisory (RHSA-2010:0423-01) and corresponding patches for this issue:\r\nRHSA-2010:0423-01: Important: krb5 security update\r\nLink: https://www.redhat.com/support/errata/RHSA-2010-0423.html", "modified": "2010-05-20T00:00:00", "published": "2010-05-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19661", "id": "SSV:19661", "type": "seebug", "title": "MIT Kerberos GSS-API checksum null pointer dereference denial-of-service vulnerability", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": 
"AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:00:40", "bulletinFamily": "exploit", "description": "CVE ID: CVE-2005-4268,CVE-2010-0624,CVE-2007-4476,CVE-2010-2063,CVE-2010-1321,CVE-2010-1168,CVE-2010-1447,CVE-2008-5302,CVE-2008-5303\r\n\r\nVMware ESX Server is enterprise-class virtual machine software suitable for any system environment.\r\n\r\nThe ESX Console OS (COS) has multiple vulnerabilities in its implementations of applications such as cpio, tar, perl, krb5 and samba; the most serious of these can cause a denial of service on the server or arbitrary code execution.\n0\nVMWare ESX Server\nVendor patches:\r\n\r\nVMWare\r\n------\r\nVMWare has released a security advisory (VMSA-2010-0013) and corresponding patches for this issue:\r\n\r\nVMSA-2010-0013: VMware ESX third party updates for Service Console\r\n\r\nLink: http://www.vmware.com/security/advisories/VMSA-2010-0013.html", "modified": "2012-01-13T00:00:00", "published": "2012-01-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-30015", "id": "SSV:30015", "title": "VMware ESX Service Console multiple security vulnerabilities", "type": "seebug", "sourceData": "", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "debian": [{"lastseen": "2018-10-16T22:13:33", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2052-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nMay 24, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : null pointer 
dereference\nProblem type : remote\nDebian-specific: no\nCVE Id : CVE-2010-1321\nDebian Bug : 582261\n\nShawn Emery discovered that in MIT Kerberos 5 (krb5), a system for\nauthenticating users and services on a network, a null pointer\ndereference flaw in the Generic Security Service Application Program\nInterface (GSS-API) library could allow an authenticated remote attacker\nto crash any server application using the GSS-API authentication\nmechanism, by sending a specially-crafted GSS-API token with a missing\nchecksum field.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.6.dfsg.4~beta1-5lenny4.\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.8.1+dfsg-3.\n\nFor the testing distribution (sid), this problem has been fixed in\nversion 1.8.1+dfsg-3.\n\nWe recommend that you upgrade your krb5 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2010-05-24T19:50:03", "published": "2010-05-24T19:50:03", "id": "DEBIAN:DSA-2052-1:D6841", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00095.html", "title": "[SECURITY] [DSA 2052-1] New krb5 packages fix denial of service", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:13:09", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2052-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nMay 24, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : null pointer dereference\nProblem type : remote\nDebian-specific: no\nCVE Id : CVE-2010-1321\nDebian Bug : 582261\n\nShawn Emery discovered that in MIT Kerberos 5 (krb5), a system for\nauthenticating users and services on a network, a null pointer\ndereference flaw in the Generic Security Service Application Program\nInterface (GSS-API) library could allow an authenticated remote attacker\nto crash any server application using the GSS-API authentication\nmechanism, by sending a specially-crafted GSS-API token with a missing\nchecksum 
field.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.6.dfsg.4~beta1-5lenny4.\n\nFor the testing distribution (squeeze), this problem has been fixed in\nversion 1.8.1+dfsg-3.\n\nFor the testing distribution (sid), this problem has been fixed in\nversion 1.8.1+dfsg-3.\n\nWe recommend that you upgrade your krb5 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: 
debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2010-05-24T19:48:51", "published": "2010-05-24T19:48:51", "id": "DEBIAN:DSA-2052-1:44A83", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00094.html", "title": "[SECURITY] [DSA 2052-1] New krb5 packages fix denial of service", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:43:56", "bulletinFamily": "unix", "description": "Kerberos is a network authentication system which allows clients and\nservers to authenticate to each other using symmetric encryption and a\ntrusted third party, the Key Distribution Center (KDC).\n\nA NULL pointer dereference flaw was discovered in the MIT Kerberos Generic\nSecurity Service Application Program Interface (GSS-API) library. A remote,\nauthenticated attacker could use this flaw to crash any server application\nusing the GSS-API authentication mechanism, by sending a specially-crafted\nGSS-API token with a missing checksum field. (CVE-2010-1321)\n\nRed Hat would like to thank the MIT Kerberos Team for responsibly reporting\nthis issue. Upstream acknowledges Shawn Emery of Oracle as the original\nreporter.\n\nAll krb5 users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. 
All running services using the MIT\nKerberos libraries must be restarted for the update to take effect.\n", "modified": "2018-05-26T04:26:17", "published": "2010-05-18T04:00:00", "id": "RHSA-2010:0423", "href": "https://access.redhat.com/errata/RHSA-2010:0423", "type": "redhat", "title": "(RHSA-2010:0423) Important: krb5 security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:03", "bulletinFamily": "unix", "description": "The IBM 1.4.2 SR13-FP8 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nThis update fixes two vulnerabilities in the IBM Java 2 Runtime Environment\nand the IBM Java 2 Software Development Kit. Detailed vulnerability\ndescriptions are linked from the IBM \"Security alerts\" page, listed in the\nReferences section. (CVE-2010-1321, CVE-2010-3574)\n\nNote: The RHSA-2010:0935 java-1.4.2-ibm update did not, unlike the erratum\ntext stated, provide fixes for the above issues.\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP8 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.\n", "modified": "2017-09-08T11:54:31", "published": "2011-01-17T05:00:00", "id": "RHSA-2011:0152", "href": "https://access.redhat.com/errata/RHSA-2011:0152", "type": "redhat", "title": "(RHSA-2011:0152) Moderate: java-1.4.2-ibm security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:41:35", "bulletinFamily": "unix", "description": "The IBM 1.4.2 SR13-FP7 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nThis update fixes two vulnerabilities in the IBM Java 2 Runtime Environment\nand the IBM Java 2 Software Development Kit. 
Detailed vulnerability\ndescriptions are linked from the IBM \"Security alerts\" page, listed in the\nReferences section. (CVE-2010-1321, CVE-2010-3574)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain the IBM 1.4.2 SR13-FP7 Java release. All running\ninstances of IBM Java must be restarted for this update to take effect.\n", "modified": "2017-09-08T12:09:37", "published": "2010-12-01T05:00:00", "id": "RHSA-2010:0935", "href": "https://access.redhat.com/errata/RHSA-2010:0935", "type": "redhat", "title": "(RHSA-2010:0935) Moderate: java-1.4.2-ibm security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:43:14", "bulletinFamily": "unix", "description": "The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and\nthe IBM Java 2 Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM \"Security alerts\" page,\nlisted in the References section. (CVE-2010-1321, CVE-2010-3541,\nCVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3556,\nCVE-2010-3559, CVE-2010-3562, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568,\nCVE-2010-3569, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574)\n\nAll users of java-1.5.0-ibm are advised to upgrade to these updated\npackages, containing the IBM 1.5.0 SR12-FP2 Java release. 
All running\ninstances of IBM Java must be restarted for this update to take effect.\n", "modified": "2018-06-07T09:04:24", "published": "2010-11-10T05:00:00", "id": "RHSA-2010:0873", "href": "https://access.redhat.com/errata/RHSA-2010:0873", "type": "redhat", "title": "(RHSA-2010:0873) Critical: java-1.5.0-ibm security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:09", "bulletinFamily": "unix", "description": "The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and\nthe IBM Java 2 Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM \"Security alerts\" page,\nlisted in the References section. (CVE-2010-1321, CVE-2010-3541,\nCVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3556,\nCVE-2010-3559, CVE-2010-3562, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568,\nCVE-2010-3569, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574)\n\nThe RHSA-2010:0130 update mitigated a man-in-the-middle attack in the way\nthe TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\nhandle session renegotiation by disabling renegotiation. This update\nimplements the TLS Renegotiation Indication Extension as defined in RFC\n5746, allowing secure renegotiation between updated clients and servers.\n(CVE-2009-3555)\n\nAll users of java-1.5.0-ibm are advised to upgrade to these updated\npackages, containing the IBM 1.5.0 SR12-FP2 Java release. 
All running\ninstances of IBM Java must be restarted for this update to take effect.\n", "modified": "2017-09-08T11:54:13", "published": "2010-10-27T04:00:00", "id": "RHSA-2010:0807", "href": "https://access.redhat.com/errata/RHSA-2010:0807", "type": "redhat", "title": "(RHSA-2010:0807) Critical: java-1.5.0-ibm security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:42:02", "bulletinFamily": "unix", "description": "The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and\nthe IBM Java 2 Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java 2 Runtime\nEnvironment. Detailed vulnerability descriptions are linked from the IBM\n\"Security alerts\" page, listed in the References section. (CVE-2009-3555,\nCVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550,\nCVE-2010-3551, CVE-2010-3553, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557,\nCVE-2010-3558, CVE-2010-3560, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565,\nCVE-2010-3566, CVE-2010-3568, CVE-2010-3569, CVE-2010-3571, CVE-2010-3572,\nCVE-2010-3573, CVE-2010-3574)\n\nThis update also fixes the following bugs:\n\n* An error in the java-1.6.0-ibm RPM spec file caused an incorrect path to\nbe included in HtmlConverter, preventing it from running. (BZ#659716)\n\n* On AMD64 and Intel 64 systems, if only the 64-bit java-1.6.0-ibm packages\nwere installed, IBM Java 6 Web Start was not available as an application\nthat could open JNLP (Java Network Launching Protocol) files. This affected\nfile management and web browser tools. Users had to manually open them with\nthe \"/usr/lib/jvm/jre-1.6.0-ibm.x86_64/bin/javaws\" command. This update\nresolves this issue. (BZ#633341)\n\nAll users of java-1.6.0-ibm are advised to upgrade to these updated\npackages, containing the IBM 1.6.0 SR9 Java release. 
All running instances\nof IBM Java must be restarted for the update to take effect.\n", "modified": "2018-06-07T09:04:22", "published": "2010-12-15T05:00:00", "id": "RHSA-2010:0987", "href": "https://access.redhat.com/errata/RHSA-2010:0987", "type": "redhat", "title": "(RHSA-2010:0987) Critical: java-1.6.0-ibm security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:48:46", "bulletinFamily": "unix", "description": "[1.6.1-36.el5_5.4]\n- add candidate patch to correct KDC null pointer dereference which\n could be triggered by malformed client requests (CVE-2010-1321, #583703)\n[1.6.1-36.el5_5.3]\n- add upstream patch to fix a few use-after-free bugs, including one in\n kadmind (CVE-2010-0629, #578185)", "modified": "2010-05-18T00:00:00", "published": "2010-05-18T00:00:00", "id": "ELSA-2010-0423", "href": "http://linux.oracle.com/errata/ELSA-2010-0423.html", "title": "krb5 security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:33", "bulletinFamily": "unix", "description": "USN-940-1 fixed vulnerabilities in Kerberos. This update provides the corresponding updates for Ubuntu 10.04.\n\nOriginal advisory details:\n\nJoel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service. 
(CVE-2010-1320, CVE-2010-1321)", "modified": "2010-07-21T00:00:00", "published": "2010-07-21T00:00:00", "id": "USN-940-2", "href": "https://usn.ubuntu.com/940-2/", "title": "Kerberos vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:45", "bulletinFamily": "unix", "description": "It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. (Only Ubuntu 6.06 LTS was affected.) (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972)\n\nJoel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service. (CVE-2010-1320, CVE-2010-1321)", "modified": "2010-05-19T00:00:00", "published": "2010-05-19T00:00:00", "id": "USN-940-1", "href": "https://usn.ubuntu.com/940-1/", "title": "Kerberos vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:51:43", "bulletinFamily": "unix", "description": "This update of krb5 fixes several security issues.\n\n * CVE-2011-4862: A remote code execution in the\n kerberized telnet daemon was fixed. 
(This only affects the\n ktelnetd from the krb5-appl RPM, not the regular telnetd\n supplied by SUSE.)\n * CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd\n unauthorized file access problems.\n * CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple\n checksum handling vulnerabilities, where: o krb5 clients\n might have accepted unkeyed SAM-2 challenge checksums o\n krb5 might have accepted KRB-SAFE checksums with\n low-entropy derived keys\n * CVE-2010-1321, MITKRB5-SA-2010-005: Fixed GSS-API\n library null pointer dereference\n", "modified": "2012-01-05T12:08:23", "published": "2012-01-05T12:08:23", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00026.html", "id": "SUSE-SU-2012:0010-1", "title": "Security update for krb5 (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:29:41", "bulletinFamily": "unix", "description": "This update of krb5 fixes several security issues.\n\n * CVE-2011-4862: A remote code execution in the\n kerberized telnet daemon was fixed. 
(This only affects the\n ktelnetd from the krb5-appl RPM, not the regular telnetd\n supplied by SUSE.)\n * CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd\n unauthorized file access problems.\n * CVE-2010-1323 / MITKRB5-SA-2010-007: Fixed multiple\n checksum handling vulnerabilities, where: o krb5 clients\n might have accepted unkeyed SAM-2 challenge checksums o\n krb5 might have accepted KRB-SAFE checksums with\n low-entropy derived keys\n * CVE-2010-1321, MITKRB5-SA-2010-005: Fixed GSS-API\n library null pointer dereference\n", "modified": "2012-01-05T12:35:50", "published": "2012-01-05T12:35:50", "id": "SUSE-SU-2012:0042-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00034.html", "type": "suse", "title": "Security update for krb5 (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:32:47", "bulletinFamily": "unix", "description": "IBM Java 6 was updated to SR9 FP1 to fix a critical security bug in float number handling and also contains other security bugfixes.\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2011-03-22T13:32:34", "published": "2011-03-22T13:32:34", "id": "SUSE-SA:2011:014", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-03/msg00003.html", "title": "remote code execution in java-1_6_0-ibm,java-1_5_0-ibm,java-1_4_2-ibm", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "vmware": [{"lastseen": "2018-09-02T02:40:36", "bulletinFamily": "unix", "description": "a. Service Console update for cpio \n \nThe service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el5_4.1 for ESX 4.x versions. 
\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-4268 and CVE-2010-0624 to the issues addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "modified": "2011-02-14T00:00:00", "published": "2010-08-31T00:00:00", "id": "VMSA-2010-0013", "href": "https://www.vmware.com/security/advisories/VMSA-2010-0013.html", "title": "VMware ESX third party updates for Service Console", "type": "vmware", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T02:40:36", "bulletinFamily": "unix", "description": "a. Service Console OS update for COS kernel \nThis patch updates the service console kernel to fix multiple security issues. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0415, CVE-2010-0307, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1437, and CVE-2010-1088 to these issues. \n \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "modified": "2011-01-04T00:00:00", "published": "2010-11-15T00:00:00", "id": "VMSA-2010-0016", "href": "https://www.vmware.com/security/advisories/VMSA-2010-0016.html", "title": "VMware ESXi and ESX third party updates for Service Console and Likewise components", "type": "vmware", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}