CVE-2002-1235
CVSS 10.0
Published: 2002-11-04 00:00:00
Last revised: 2016-10-17 22:25:04

[Original] The kadm_ser_in function in (1) the Kerberos v4 compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.


[CNNVD] Kerberos Administration Daemon remote buffer overflow vulnerability (CNNVD-200211-012)

        
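        Kerberos is a widely used network protocol that uses strong cryptography to authenticate clients and servers. The Kerberos administration daemon (commonly called kadmind) handles password changes and other requests that modify the Kerberos database.
        The Kerberos 4 administration protocol lacks sufficient checks when reading data from network requests. A remote attacker can exploit this vulnerability to carry out a buffer overflow attack and execute arbitrary instructions on the system with the privileges of the kadmind process (usually root).
        When the Kerberos 4 administration protocol reads network request data and passes it as an argument to a memcpy() call, it lacks correct buffer bounds checking. An attacker can submit a large amount of data to corrupt a buffer allocated on the stack, and carefully constructed data can overwrite the stack return address to execute arbitrary instructions on the system with the privileges of the kadmind process (usually root). The attacker does not need any authentication information to exploit this vulnerability.
        Both the Massachusetts Institute of Technology (MIT) and the Kungl Tekniska Högskolan (KTH) Kerberos implementations contain this vulnerability, so all other implementations derived from the MIT and KTH code have this problem. In MIT Kerberos 5, the Kerberos 4 administration daemon is implemented in kadmind4; in KTH Kerberos 4 (eBones), the Kerberos administration daemon is implemented by kadmind. In KTH Kerberos 5 (Heimdal) it is also implemented in kadmind.
        According to reports, exploit code has already appeared. The following link contains attack signature information:
        http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt
        <*Links: http://www.cert.org/advisories/CA-2002-29.html
         ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NETBSD-SA2002-026.txt.asc
         http://www.debian.org/security/2002/dsa-184
        *>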
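
The missing check described above, shown as an added example that is not code from MIT, KTH, or this database entry: a simplified length-prefixed request parser with the flawed copy beside a bounds-checked one. The wire format, buffer size, and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wire format, constructed for this example (not the real
 * Kerberos 4 admin protocol): 2-byte big-endian length, then the payload. */
#define REQ_BUF_SIZE 64   /* assumed size of the fixed request buffer */

enum { REQ_OK = 0, REQ_TRUNCATED = -1, REQ_LEN_MISMATCH = -2, REQ_TOO_LONG = -3 };

/* Flawed pattern: the sender-supplied length field becomes the memcpy()
 * size, so any value above REQ_BUF_SIZE writes past the stack buffer. */
int parse_request_unchecked(const uint8_t *pkt)
{
    uint8_t buf[REQ_BUF_SIZE];
    size_t claimed = ((size_t)pkt[0] << 8) | pkt[1];
    memcpy(buf, pkt + 2, claimed);           /* no bound on claimed */
    return buf[0];
}

/* Hardened form: validate the length field against both the bytes actually
 * received and the destination capacity before copying anything. */
int parse_request_checked(const uint8_t *pkt, size_t pkt_len,
                          uint8_t *buf, size_t buf_size, size_t *out_len)
{
    if (!pkt || !buf || !out_len || pkt_len < 2) return REQ_TRUNCATED;
    size_t claimed = ((size_t)pkt[0] << 8) | pkt[1];
    if (claimed > pkt_len - 2) return REQ_LEN_MISMATCH; /* more than was sent */
    if (claimed > buf_size) return REQ_TOO_LONG;        /* would overflow buf */
    memcpy(buf, pkt + 2, claimed);
    *out_len = claimed;
    return REQ_OK;
}

/* Builds a constructed packet (length field = claimed, payload_len filler
 * bytes) and returns the status reported by the hardened parser. */
int check_constructed(size_t claimed, size_t payload_len)
{
    uint8_t pkt[2 + 512] = {0}, buf[REQ_BUF_SIZE];
    size_t n = 0;
    if (claimed > 0xffff || payload_len > 512) return REQ_TRUNCATED;
    pkt[0] = (uint8_t)(claimed >> 8);
    pkt[1] = (uint8_t)(claimed & 0xff);
    memset(pkt + 2, 'A', payload_len);
    return parse_request_checked(pkt, 2 + payload_len, buf, sizeof buf, &n);
}

int main(void)
{
    printf("%d %d %d\n", check_constructed(16, 16),
           check_constructed(400, 400), check_constructed(400, 16));
    return 0;
}
```

The hardened parser rejects a length field that exceeds either the received bytes or the destination buffer, which is the verification the CVE description says kadm_ser_in lacked.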

- CVSS (base score)

CVSS score: 10 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:kth:kth_kerberos_4:1.2.1
cpe:/a:kth:kth_kerberos_5:0.5.1
cpe:/a:mit:kerberos:5-1.2.6  MIT Kerberos 5 1.2.6

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1235
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1235
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200211-012
(Official data source) CNNVD

- Other links and resources

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-026.txt.asc
(UNKNOWN)  NETBSD  NetBSD-SA2002-026
http://archives.neohapsis.com/archives/bugtraq/2002-10/0399.html
(UNKNOWN)  BUGTRAQ  20021027 KRB5-SORCERER2002-10-27 Security Update
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000534
(UNKNOWN)  CONECTIVA  CLA-2002:534
http://marc.info/?l=bugtraq&m=103539530729206&w=2
(UNKNOWN)  BUGTRAQ  20021023 MITKRB5-SA-2002-002: Buffer overflow in kadmind4
http://marc.info/?l=bugtraq&m=103564944215101&w=2
(UNKNOWN)  BUGTRAQ  20021026 Updated: MITKRB5-SA-2002-002: Buffer overflow in kadmind4
http://marc.info/?l=bugtraq&m=103582517126392&w=2
(UNKNOWN)  BUGTRAQ  20021028 GLSA: krb5
http://marc.info/?l=bugtraq&m=103582805330339&w=2
(UNKNOWN)  BUGTRAQ  20021027 Re: Buffer overflow in kadmind4
http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt
(UNKNOWN)  CONFIRM  http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt
(UNKNOWN)  CONFIRM  http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt
http://www.cert.org/advisories/CA-2002-29.html
(VENDOR_ADVISORY)  CERT  CA-2002-29
http://www.debian.org/security/2002/dsa-183
(UNKNOWN)  DEBIAN  DSA-183
http://www.debian.org/security/2002/dsa-184
(VENDOR_ADVISORY)  DEBIAN  DSA-184
http://www.debian.org/security/2002/dsa-185
(UNKNOWN)  DEBIAN  DSA-185
http://www.iss.net/security_center/static/10430.php
(VENDOR_ADVISORY)  XF  kerberos-kadmind-bo(10430)
http://www.kb.cert.org/vuls/id/875073
(UNKNOWN)  CERT-VN  VU#875073
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-073.php
(UNKNOWN)  MANDRAKE  MDKSA-2002:073
http://www.pdc.kth.se/heimdal/
(UNKNOWN)  CONFIRM  http://www.pdc.kth.se/heimdal/
http://www.redhat.com/support/errata/RHSA-2002-242.html
(UNKNOWN)  REDHAT  RHSA-2002:242
http://www.securityfocus.com/bid/6024
(VENDOR_ADVISORY)  BID  6024

- Vulnerability information

Kerberos Administration Daemon remote buffer overflow vulnerability
Critical  Boundary condition error
2002-11-04 00:00:00 2006-09-27 00:00:00
Remote
        

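- Advisories and patches

        Temporary workarounds:
        If you cannot install the patch or upgrade immediately, CNNVD recommends taking the following measures to reduce the threat:
        * If the Kerberos 4 administration protocol is not needed, support for it can be turned off. In MIT Kerberos 5, this can be done by disabling kadmind4. To disable all Kerberos 4 support when building MIT Kerberos 5, see:
        
        http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.6/doc/install.html#SEC24

        In KTH Heimdal, kadmind must be recompiled to turn off support for the Kerberos 4 administration protocol. To disable all Kerberos 4 support when building KTH Heimdal, see:
        
        http://www.pdc.kth.se/heimdal/heimdal.html#Building%20and%20Installing

        * Use access controls to block untrusted networks from reaching the Kerberos administration service. By default the Kerberos 4 administration daemon listens on TCP/751 and UDP/751, while the Kerberos 5 administration daemon listens on 749/tcp and 749/udp.
        Vendor patches:
        Conectiva
        ---------
        The vendor has released an upgrade patch that fixes this security issue. Download it from the vendor's home page:
        
        http://distro.conectiva.com/atualizacoes/

        Debian
        ------
        Debian has released a security advisory (DSA-184-1) and corresponding patches for this issue:
        DSA-184-1: New krb4 packages fix buffer overflow
        Link:
        http://www.debian.org/security/2002/dsa-184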


- Vulnerability information

4870
Multiple Kerberos Compatibility Administration Daemon Overflow
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- Vulnerability description

A remote overflow exists in several implementations of Kerberos 4 and legacy compatibility for Kerberos 4 in Kerberos 5 distributions. The kadmind daemon fails to do proper bounds checking, resulting in a stack overflow. With a specially crafted request, an attacker can cause the daemon to execute arbitrary commands on the server, resulting in a loss of integrity.

- Timeline

2002-10-21 Unknown
Unknown Unknown

- Solution

Refer to vendor and/or distribution specific corrective actions. KTH Heimdal users may upgrade to 0.5.1 and/or eBones 1.2.1 or higher, as it has been reported to fix this vulnerability. MIT and Heimdal released a patch to address this vulnerability. It is also possible to correct the flaw by implementing the following workaround: - In Kerberos 5 implementations, disable support for the legacy Kerberos 4 administration protocol.

- Vulnerability information

Multiple Vendor kadmind Remote Buffer Overflow Vulnerability
Boundary Condition Error 6024
Yes No
2002-10-21 12:00:00 2009-07-11 06:06:00
Discovery of vulnerability credited to Johan Danielsson and Love Hornquist-Astrand. Discovery is also credited to Tom Yu and Sam Hartman of MIT.

- Affected program versions

OpenBSD OpenBSD 3.2
OpenBSD OpenBSD 3.1
OpenBSD OpenBSD 3.0
NetBSD NetBSD 1.6
NetBSD NetBSD 1.5.3
NetBSD NetBSD 1.5.2
NetBSD NetBSD 1.5.1
NetBSD NetBSD 1.5
MIT Kerberos 5 1.2.6
MIT Kerberos 5 1.2.5
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Wirex Immunix OS 7+
MIT Kerberos 5 1.2.4
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
MIT Kerberos 5 1.2.3
+ Conectiva Linux 8.0
MIT Kerberos 5 1.2.2
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
MIT Kerberos 5 1.2.1
MIT Kerberos 5 1.2
MIT Kerberos 5 1.1.1
+ Red Hat Linux 6.2
- RedHat Linux 7.1 ia64
- RedHat Linux 7.1 i386
- RedHat Linux 7.1 alpha
- RedHat Linux 7.1
- RedHat Linux 7.0 i386
- RedHat Linux 7.0 alpha
- RedHat Linux 7.0
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
MIT Kerberos 5 1.1
MIT Kerberos 5 1.0.6
MIT Kerberos 5 1.0
MIT Kerberos 4 4.0
MIT Kerberos 4 1.1
MIT Kerberos 4 1.0
KTH Heimdal 0.21
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
KTH Heimdal 0.5
- Gentoo Linux 1.4 _rc1
- Gentoo Linux 1.2
KTH Heimdal 0.4 e
+ FreeBSD FreeBSD 4.6 -RELEASE
+ FreeBSD FreeBSD 4.6
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.1
- FreeBSD FreeBSD 4.0
+ S.u.S.E. Linux 8.0
KTH Heimdal 0.4 d
+ S.u.S.E. Linux 7.3
KTH Heimdal 0.4 c
KTH Heimdal 0.4 b
KTH Heimdal 0.4 a
KTH Heimdal 0.3 e
+ S.u.S.E. Linux 7.2
KTH eBones 1.2
Keware Technologies HomeSeer 0.4 e
IBM PSSP 3.5
IBM PSSP 3.4
IBM PSSP 3.2
IBM PSSP 3.1.1
FreeBSD FreeBSD 4.7 -RELEASE
FreeBSD FreeBSD 4.7
FreeBSD FreeBSD 4.6
FreeBSD FreeBSD 4.5
FreeBSD FreeBSD 4.4
FreeBSD FreeBSD 4.3
FreeBSD FreeBSD 4.2
FreeBSD FreeBSD 4.1
FreeBSD FreeBSD 4.0
KTH Heimdal 0.5.1
+ FreeBSD FreeBSD 5.0
KTH eBones 1.2.1
IBM AIX 4.3.3
IBM AIX 4.3.2
IBM AIX 4.3.1
IBM AIX 4.3
IBM AIX 4.2
IBM AIX 4.1
IBM AIX 4.0
IBM AIX 5.1

- Unaffected program versions

KTH Heimdal 0.5.1
+ FreeBSD FreeBSD 5.0
KTH eBones 1.2.1
IBM AIX 4.3.3
IBM AIX 4.3.2
IBM AIX 4.3.1
IBM AIX 4.3
IBM AIX 4.2
IBM AIX 4.1
IBM AIX 4.0
IBM AIX 5.1

- Vulnerability discussion

A vulnerability has been discovered in the kadmind daemon.

It has been reported that kadmind is vulnerable to a remotely exploitable buffer overflow. This issue is due to insufficient bounds checking. Exploiting this issue could potentially allow an attacker to execute arbitrary code with the privileges of the kadmind process.

This issue is reported to exist in the Kerberos 4 administration protocol. Kerberos 5 includes support for the Kerberos 4 administration daemon. Various Kerberos implementations are reported to be affected by this vulnerability.

There are reports that this vulnerability is being actively exploited in the wild.

- Exploit

There are rumors of an exploit for this vulnerability circulating in the wild.

- Solution

CERT has released an advisory which contains information about various vendors and implementations that are reported to be affected by this vulnerability.

CERT has released a followup advisory which retracts information about the applicability of Debian Security Advisory DSA-178 and associated fixes. SuSE Security Advisory SuSE-SA:2002:034 also does not address this issue.

Debian has released Debian Security Advisory DSA 183-1 which does address this issue for affected MIT Kerberos 5 packages that ship with Debian GNU/Linux 3.0 alias woody. Information on obtaining fixes may be found in the referenced advisory.

NetBSD has released an advisory. NetBSD-current, NetBSD 1.6 and NetBSD 1.5 branches dated 2002-10-22 and later have fixes for this vulnerability. Users are advised to upgrade the crypto/dist/heimdal/kadmin directory in CVS. Further information is available in the referenced advisory.

FreeBSD has addressed this issue as of October 23rd, 2002 for the base Kerberos 4 (kadmind) and Kerberos 5 (k5admind v4 compatibility) daemons. The heimdal and krb5 ports were corrected as of October 24th, 2002. A vendor advisory is reported to be forthcoming.

MIT has released an advisory. Detailed patch information is available in the referenced advisory.

Apple has announced that the Kerberos Administration Daemon was included in Mac OS X 10.0, but was removed in Mac OS X versions 10.1 and later.

SuSE Linux versions 7.2 and ship with Heimdal Kerberos. However, Kerberos 4 support is not enabled.

Gentoo Linux has released an advisory and made fixes available. To update systems, Gentoo Linux users are advised to perform the following update procedures:

emerge rsync
emerge kth-krb
emerge heimdal
emerge clean

Sorcerer Linux has released an advisory and made fixes available. To update systems, Sorcerer Linux users are advised to perform the following update procedures:

augur synch
augur update

Debian has released Debian Security Advisory DSA 184-1 which addresses the issue for affected MIT Kerberos 4 packages.

Debian has released Debian Security Advisory DSA 185-1 which addresses the issue for affected Heimdal Kerberos packages. Information about obtaining fixes is available in the referenced advisory.

Conectiva Linux has released an advisory. Further information can be obtained from the referenced advisory.

RedHat has released a security advisory which addressed the issue for affected MIT Kerberos 5 packages.

FreeBSD has released an advisory. Users are advised to update their ports tree and reinstall the heimdal or krb5 ports or to download and install a patch. Further, detailed information is available in the referenced advisory.

IBM has made APARs available to resolve this issue.

HP has released advisory HPSBTL0211-077 for HP Secure OS advising users to apply the fixes listed in Red Hat advisory RHSA-2002:242-06.

Fixes have been released which address this issue:


OpenBSD OpenBSD 3.2

OpenBSD OpenBSD 3.0

OpenBSD OpenBSD 3.1

KTH Heimdal 0.21

KTH Heimdal 0.4 e
