Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SA:2008:016
HistoryMar 19, 2008 - 10:19 a.m.

remote code execution in krb5

2008-03-1910:19:46
lists.opensuse.org
14

0.385 Low

EPSS

Percentile

96.9%

JSON

The krb5 package is the implementation of the Kerberos protocol suite from MIT. This update fixes three vulnerabilities, two of them are only possible if krb4 support is enabled: - CVE-2008-0062: null/dangling pointer (krb4) - CVE-2008-0063: operations on uninitialized buffer content, possible information leak (krb4) - CVE-2008-0947/8: out-of-bound array access in kadmind’s RPC lib

Solution

Please install the new packages.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server10.1x86_64krb5-devel< 1.4.3-19.30.6krb5-devel-1.4.3-19.30.6.x86_64.rpm
SUSE Linux Enterprise Server10.1i586krb5-server< 1.4.3-19.30.6krb5-server-1.4.3-19.30.6.i586.rpm
SUSE Linux Enterprise Server10.1i586krb5-apps-clients< 1.4.3-19.30.6krb5-apps-clients-1.4.3-19.30.6.i586.rpm
SUSE Linux Enterprise Software Development Kit10.1ia64krb5-apps-clients< 1.4.3-19.30.6krb5-apps-clients-1.4.3-19.30.6.ia64.rpm
openSUSE10.1x86_64krb5-apps-clients< 1.4.3-19.30.6krb5-apps-clients-1.4.3-19.30.6.x86_64.rpm
openSUSE10.3i586krb5-client< 1.6.2-22.4krb5-client-1.6.2-22.4.i586.rpm
openSUSE10.1x86_64krb5-server< 1.4.3-19.30.6krb5-server-1.4.3-19.30.6.x86_64.rpm
openSUSE10.1ppckrb5-client< 1.4.3-19.30.6krb5-client-1.4.3-19.30.6.ppc.rpm
openSUSE10.2x86_64krb5-devel< 1.5.1-23.14krb5-devel-1.5.1-23.14.x86_64.rpm
openSUSE10.1ppckrb5-apps-servers< 1.4.3-19.30.6krb5-apps-servers-1.4.3-19.30.6.ppc.rpm
Rows per page:
1-10 of 1121

Related

openvas 34
nessus 22
securityvulns 4
redhat 4
centos 4
oraclelinux 3
debian 2
ubuntu 1
osv 1
cert 2
seebug 1
fedora 2
gentoo 1
debiancve 4
ubuntucve 4
veracode 1
cve 4
prion 4
vmware 2
openvas
openvas
SuSE Update for krb5 SUSE-SA:2008:016
2009-01-23 00:00:00
MIT Kerberos5 < 1.6.4 Multiple Vulnerabilities
2008-06-17 00:00:00
Kerberos < 1.6.4 vulnerability
2008-06-17 00:00:00
nessus
nessus
CentOS 3 : krb5 (CESA-2008:0181)
2008-03-19 00:00:00
RHEL 2.1 / 3 : krb5 (RHSA-2008:0181)
2008-03-19 00:00:00
SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 5082)
2008-03-19 00:00:00
securityvulns
securityvulns
MIT Kerberos multiple security vulnerabilities
2008-03-19 00:00:00
MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin
2008-03-19 00:00:00
MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc
2008-03-19 00:00:00
redhat
redhat
(RHSA-2008:0181) Critical: krb5 security update
2008-03-18 00:00:00
(RHSA-2008:0182) Critical: krb5 security update
2008-03-18 00:00:00
(RHSA-2008:0164) Critical: krb5 security and bugfix update
2008-03-18 00:00:00
centos
centos
krb5 security update
2008-03-18 22:49:36
krb5 security update
2008-03-18 20:48:28
krb5 security update
2008-03-19 00:46:42
oraclelinux
oraclelinux
Critical: krb5 security update
2008-03-18 00:00:00
Critical: krb5 security and bugfix update
2008-03-18 00:00:00
Critical: krb5 security update
2008-03-18 00:00:00
debian
debian
[SECURITY] [DSA 1524-1] New krb5 packages fix multiple vulnerabilities
2008-03-18 19:11:14
[SECURITY] [DSA 1524-1] New krb5 packages fix multiple vulnerabilities
2008-03-18 19:11:14
ubuntu
ubuntu
Kerberos vulnerabilities
2008-03-19 00:00:00
osv
osv
krb5 - multiple vulnerabilities
2008-03-18 00:00:00
cert
cert
MIT Kerberos contains array overrun in RPC library used by kadmind
2008-03-18 00:00:00
MIT Kerberos krb4-enabled KDC contains multiple vulnerabilities
2008-03-19 00:00:00
seebug
seebug
MIT Kerberos 5 KDC多个内存破坏信息泄露漏洞
2008-03-20 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: krb5-1.6.2-14.fc8
2008-03-21 22:21:37
[SECURITY] Fedora 7 Update: krb5-1.6.1-9.fc7
2008-03-21 22:18:10
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2008-03-24 00:00:00
debiancve
debiancve
CVE-2008-0948
2008-03-19 00:44:00
CVE-2008-0947
2008-03-19 00:44:00
CVE-2008-0063
2008-03-19 10:44:00
ubuntucve
ubuntucve
CVE-2008-0948
2008-03-19 00:00:00
CVE-2008-0947
2008-03-19 00:00:00
CVE-2008-0063
2008-03-19 00:00:00
veracode
veracode
Buffer Overflow
2023-10-11 04:58:28
cve
cve
CVE-2008-0948
2008-03-19 00:44:00
CVE-2008-0947
2008-03-19 00:44:00
CVE-2008-0063
2008-03-19 10:44:00
prion
prion
Buffer overflow
2008-03-19 00:44:00
Buffer overflow
2008-03-19 00:44:00
Stack overflow
2008-03-19 10:44:00
vmware
vmware
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
2008-06-04 00:00:00
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
2008-06-04 00:00:00

0.385 Low

EPSS

Percentile

96.9%

JSON
Related for SUSE-SA:2008:016
openvas34nessus22securityvulns4redhat4centos4oraclelinux3debian2ubuntu1osv1cert2seebug1fedora2gentoo1debiancve4ubuntucve4veracode1cve4prion4vmware2