Definition Id: oval:org.mitre.oval:def:27558
Oval ID: oval:org.mitre.oval:def:27558
Title: DEPRECATED: ELSA-2010-0258 -- pam_krb5 security and bug fix update (low)
Description: [2.2.14-15] - update backport for selecting which key to use for validation so that it prefers services with the local host name as the instance, from HEAD (more of #450776) [2.2.14-14] - backport the 'multiple_ccaches' option from HEAD, requiring that it be enabled to not immediately remove an old ccache when asked to create a new one (#463417) [2.2.14-13] - add patch to add the 'chpw_prompt' option, to allow the older behavior of attempting a password-change during authentication if libkrb5 detects an expired password, based on patch from Olivier Fourdan (#509092) [2.2.14-12] - dont vary the password prompt depending on whether or not the user exists or is known to the KDC (CVE-2009-1384, #505265) - prefer using the 'host' service when verifying that a TGT isnt forged, from HEAD (#450776) [2.2.14-11] - dont enforce minimum_uid when no_user_check is also used, from HEAD (#490404) - dont try to get password-changing creds with all of the flags set that we would request for a TGT (#489015)
Family: unix Class: patch
Reference(s): ELSA-2010-0258
Version: 4
Platform(s): Oracle Linux 5
Product(s): pam_krb5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15459
Oval ID: oval:org.mitre.oval:def:15459
Title: Oracle Linux 5.x
Description: The operating system installed on the system is Oracle Linux 5.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:5
Version: 7
Platform(s): Oracle Linux 5
Definition Synopsis:
Referenced By: