oval:org.mitre.oval:def:6387

Definition Id: oval:org.mitre.oval:def:6387

Oval ID:	oval:org.mitre.oval:def:6387
Title:	HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code
Description:	The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0847	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02421 HP Release B.11.23 AND filesets tests krb5client.KRB5-64SLIB-A version is less than D.1.6.2.01 AND krb5client.KRB5-64SLIB-A version is less than D.1.6.2.01 AND krb5client.KRB5-PRG-A version is less than D.1.6.2.01 AND krb5client.KRB5-RUN-A version is less than D.1.6.2.01 AND krb5client.KRB5-SHLIB-A version is less than D.1.6.2.01 AND krb5client.KRB5IA32SLIB-A version is less than D.1.6.2.01 AND krb5client.KRB5IA64SLIB-A version is less than D.1.6.2.01 OR Criteria meets HP Security Bulletin HPSBUX02421 HP Release B.11.11 AND filesets tests krb5client.KRB5-64SLIB-A version is less than C.1.3.5.09 AND krb5client.KRB5-PRG-A version is less than C.1.3.5.09 AND krb5client.KRB5-RUN-A version is less than C.1.3.5.09 AND krb5client.KRB5-SHLIB-A version is less than C.1.3.5.09 OR Criteria meets HP Security Bulletin HPSBUX02421 HP-UX B.11.31 AND filesets tests krb5client.KRB5-64SLIB-A version is less than E.1.6.2.03 AND krb5client.KRB5-PRG-A version is less than E.1.6.2.03 AND krb5client.KRB5-RUN-A version is less than E.1.6.2.03 AND krb5client.KRB5-SHLIB-A version is less than E.1.6.2.03 AND krb5client.KRB5IA32SLIB-A version is less than E.1.6.2.03 AND krb5client.KRB5IA64SLIB-A version is less than E.1.6.2.03

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0360s

Facebook rss twitter linkedin mail