Vulnerabilities > CVE-2008-0062 - Numeric Errors vulnerability in MIT Kerberos 5

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
apple
mit
CWE-189
critical
nessus

Summary

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0181.NASL
    descriptionUpdated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id31618
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31618
    titleRHEL 2.1 / 3 : krb5 (RHSA-2008:0181)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0181. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31618);
      script_version ("1.30");
      script_cvs_date("Date: 2019/10/25 13:36:13");
    
      script_cve_id("CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947", "CVE-2008-0948");
      script_bugtraq_id(28302, 28303);
      script_xref(name:"RHSA", value:"2008:0181");
    
      script_name(english:"RHEL 2.1 / 3 : krb5 (RHSA-2008:0181)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated krb5 packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 2.1 and 3.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    A flaw was found in the RPC library used by the MIT Kerberos kadmind
    server. An unauthenticated remote attacker could use this flaw to
    crash kadmind. This issue only affected systems with certain resource
    limits configured and did not affect systems using default resource
    limits used by Red Hat Enterprise Linux 2.1 or 3. (CVE-2008-0948)
    
    Red Hat would like to thank MIT for reporting these issues.
    
    All krb5 users are advised to update to these erratum packages which
    contain backported fixes to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-0062"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-0063"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-0948"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2008:0181"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2008:0181";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-devel-1.2.2-48")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-libs-1.2.2-48")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-server-1.2.2-48")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"krb5-workstation-1.2.2-48")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"krb5-devel-1.2.7-68")) flag++;
      if (rpm_check(release:"RHEL3", reference:"krb5-libs-1.2.7-68")) flag++;
      if (rpm_check(release:"RHEL3", reference:"krb5-server-1.2.7-68")) flag++;
      if (rpm_check(release:"RHEL3", reference:"krb5-workstation-1.2.7-68")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0182.NASL
    descriptionUpdated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id63850
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63850
    titleRHEL 4 : krb5 (RHSA-2008:0182)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0182. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(63850);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:13");
    
      script_cve_id("CVE-2008-0062", "CVE-2008-0063");
      script_xref(name:"RHSA", value:"2008:0182");
    
      script_name(english:"RHEL 4 : krb5 (RHSA-2008:0182)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated krb5 packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 4.5 Extended Update Support.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    Red Hat would like to thank MIT for reporting these issues.
    
    All krb5 users are advised to update to these erratum packages which
    contain backported fixes to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2008-0062.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2008-0063.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://rhn.redhat.com/errata/RHSA-2008-0182.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    flag = 0;
    if (rpm_check(release:"RHEL4", sp:"5", reference:"krb5-devel-1.3.4-49.el4_5.1")) flag++;
    if (rpm_check(release:"RHEL4", sp:"5", reference:"krb5-libs-1.3.4-49.el4_5.1")) flag++;
    if (rpm_check(release:"RHEL4", sp:"5", reference:"krb5-server-1.3.4-49.el4_5.1")) flag++;
    if (rpm_check(release:"RHEL4", sp:"5", reference:"krb5-workstation-1.3.4-49.el4_5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0164.NASL
    descriptionUpdated krb5 packages that resolve several issues and fix multiple bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id31616
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31616
    titleRHEL 5 : krb5 (RHSA-2008:0164)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0164. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31616);
      script_version ("1.32");
      script_cvs_date("Date: 2019/10/25 13:36:13");
    
      script_cve_id("CVE-2007-5901", "CVE-2007-5971", "CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947");
      script_bugtraq_id(26750, 28302, 28303);
      script_xref(name:"RHSA", value:"2008:0164");
    
      script_name(english:"RHEL 5 : krb5 (RHSA-2008:0164)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated krb5 packages that resolve several issues and fix multiple
    bugs are now available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    Jeff Altman of Secure Endpoints discovered a flaw in the RPC library
    as used by MIT Kerberos kadmind server. An unauthenticated remote
    attacker could use this flaw to crash kadmind or possibly execute
    arbitrary code. This issue only affected systems with certain resource
    limits configured and did not affect systems using default resource
    limits used by Red Hat Enterprise Linux 5. (CVE-2008-0947)
    
    Red Hat would like to thank MIT for reporting these issues.
    
    Multiple memory management flaws were discovered in the GSSAPI library
    used by MIT Kerberos. These flaws could possibly result in use of
    already freed memory or an attempt to free already freed memory blocks
    (double-free flaw), possibly causing a crash or arbitrary code
    execution. (CVE-2007-5901, CVE-2007-5971)
    
    In addition to the security issues resolved above, the following bugs
    were also fixed :
    
    * delegated krb5 credentials were not properly stored when SPNEGO was
    the underlying mechanism during GSSAPI authentication. Consequently,
    applications attempting to copy delegated Kerberos 5 credentials into
    a credential cache received an 'Invalid credential was supplied'
    message rather than a copy of the delegated credentials. With this
    update, SPNEGO credentials can be properly searched, allowing
    applications to copy delegated credentials as expected.
    
    * applications can initiate context acceptance (via
    gss_accept_sec_context) without passing a ret_flags value that would
    indicate that credentials were delegated. A delegated credential
    handle should have been returned in such instances. This updated
    package adds a temp_ret_flag that stores the credential status in the
    event no other ret_flags value is passed by an application calling
    gss_accept_sec_context.
    
    * kpasswd did not fallback to TCP on receipt of certain errors, or
    when a packet was too big for UDP. This update corrects this.
    
    * when the libkrb5 password-routine generated a set-password or
    change-password request, incorrect sequence numbers were generated for
    all requests subsequent to the first request. This caused password
    change requests to fail if the primary server was unavailable. This
    updated package corrects this by saving the sequence number value
    after the AP-REQ data is built and restoring this value before the
    request is generated.
    
    * when a user's password expired, kinit would not prompt that user to
    change the password, instead simply informing the user their password
    had expired. This update corrects this behavior: kinit now prompts for
    a new password to be set when a password has expired.
    
    All krb5 users are advised to upgrade to these updated packages, which
    contain backported fixes to address these vulnerabilities and fix
    these bugs."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2007-5901"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2007-5971"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-0062"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-0063"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-0947"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2008:0164"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/12/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2008:0164";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", reference:"krb5-devel-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", reference:"krb5-libs-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"krb5-server-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"krb5-server-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"krb5-server-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"krb5-workstation-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"krb5-workstation-1.6.1-17.el5_1.1")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"krb5-workstation-1.6.1-17.el5_1.1")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KRB5-5081.NASL
    descriptionThis update fixes the following security bugs in krb5/krb5-server : - CVE-2008-0062: null/dangling pointer (needs enabled krb4 support) - CVE-2008-0063: possible operations on uninitialized buffer content/information leak (needs enabled krb4 support) - CVE-2008-0947/CVE-2008-0948: out-of-bound array access in kadmind
    last seen2020-06-01
    modified2020-06-02
    plugin id31623
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31623
    titleopenSUSE 10 Security Update : krb5 (krb5-5081)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update krb5-5081.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31623);
      script_version ("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:32");
    
      script_cve_id("CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947", "CVE-2008-0948");
    
      script_name(english:"openSUSE 10 Security Update : krb5 (krb5-5081)");
      script_summary(english:"Check for the krb5-5081 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes the following security bugs in krb5/krb5-server :
    
      - CVE-2008-0062: null/dangling pointer (needs enabled krb4
        support) 
    
      - CVE-2008-0063: possible operations on uninitialized
        buffer content/information leak (needs enabled krb4
        support) 
    
      - CVE-2008-0947/CVE-2008-0948: out-of-bound array access
        in kadmind's RPC lib"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-apps-clients");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-apps-servers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-devel-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:krb5-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.1|SUSE10\.2|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1 / 10.2 / 10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.1", reference:"krb5-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"krb5-apps-clients-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"krb5-apps-servers-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"krb5-client-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"krb5-devel-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", reference:"krb5-server-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", cpu:"x86_64", reference:"krb5-32bit-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.1", cpu:"x86_64", reference:"krb5-devel-32bit-1.4.3-19.30.6") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"krb5-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"krb5-apps-clients-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"krb5-apps-servers-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"krb5-client-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"krb5-devel-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"krb5-server-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", cpu:"x86_64", reference:"krb5-32bit-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.2", cpu:"x86_64", reference:"krb5-devel-32bit-1.5.1-23.14") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"krb5-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"krb5-apps-clients-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"krb5-apps-servers-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"krb5-client-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"krb5-devel-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"krb5-server-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"krb5-32bit-1.6.2-22.4") ) flag++;
    if ( rpm_check(release:"SUSE10.3", cpu:"x86_64", reference:"krb5-devel-32bit-1.6.2-22.4") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0181.NASL
    descriptionUpdated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id31609
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31609
    titleCentOS 3 : krb5 (CESA-2008:0181)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0181 and 
    # CentOS Errata and Security Advisory 2008:0181 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31609);
      script_version("1.18");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947", "CVE-2008-0948");
      script_bugtraq_id(28302, 28303);
      script_xref(name:"RHSA", value:"2008:0181");
    
      script_name(english:"CentOS 3 : krb5 (CESA-2008:0181)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated krb5 packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 2.1 and 3.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    A flaw was found in the RPC library used by the MIT Kerberos kadmind
    server. An unauthenticated remote attacker could use this flaw to
    crash kadmind. This issue only affected systems with certain resource
    limits configured and did not affect systems using default resource
    limits used by Red Hat Enterprise Linux 2.1 or 3. (CVE-2008-0948)
    
    Red Hat would like to thank MIT for reporting these issues.
    
    All krb5 users are advised to update to these erratum packages which
    contain backported fixes to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014754.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?fc3f05c1"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014755.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?40b41450"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014773.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f0960a9c"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"krb5-devel-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"ia64", reference:"krb5-devel-1.2.7-68.c3")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"krb5-devel-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"krb5-libs-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"ia64", reference:"krb5-libs-1.2.7-68.c3")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"krb5-libs-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"krb5-server-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"ia64", reference:"krb5-server-1.2.7-68.c3")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"krb5-server-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"krb5-workstation-1.2.7-68")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"ia64", reference:"krb5-workstation-1.2.7-68.c3")) flag++;
    if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"krb5-workstation-1.2.7-68")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0164.NASL
    descriptionFrom Red Hat Security Advisory 2008:0164 : Updated krb5 packages that resolve several issues and fix multiple bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id67664
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67664
    titleOracle Linux 5 : krb5 (ELSA-2008-0164)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2008:0164 and 
    # Oracle Linux Security Advisory ELSA-2008-0164 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(67664);
      script_version("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:07");
    
      script_cve_id("CVE-2007-5901", "CVE-2007-5971", "CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947");
      script_bugtraq_id(26750, 28302, 28303);
      script_xref(name:"RHSA", value:"2008:0164");
    
      script_name(english:"Oracle Linux 5 : krb5 (ELSA-2008-0164)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2008:0164 :
    
    Updated krb5 packages that resolve several issues and fix multiple
    bugs are now available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    Jeff Altman of Secure Endpoints discovered a flaw in the RPC library
    as used by MIT Kerberos kadmind server. An unauthenticated remote
    attacker could use this flaw to crash kadmind or possibly execute
    arbitrary code. This issue only affected systems with certain resource
    limits configured and did not affect systems using default resource
    limits used by Red Hat Enterprise Linux 5. (CVE-2008-0947)
    
    Red Hat would like to thank MIT for reporting these issues.
    
    Multiple memory management flaws were discovered in the GSSAPI library
    used by MIT Kerberos. These flaws could possibly result in use of
    already freed memory or an attempt to free already freed memory blocks
    (double-free flaw), possibly causing a crash or arbitrary code
    execution. (CVE-2007-5901, CVE-2007-5971)
    
    In addition to the security issues resolved above, the following bugs
    were also fixed :
    
    * delegated krb5 credentials were not properly stored when SPNEGO was
    the underlying mechanism during GSSAPI authentication. Consequently,
    applications attempting to copy delegated Kerberos 5 credentials into
    a credential cache received an 'Invalid credential was supplied'
    message rather than a copy of the delegated credentials. With this
    update, SPNEGO credentials can be properly searched, allowing
    applications to copy delegated credentials as expected.
    
    * applications can initiate context acceptance (via
    gss_accept_sec_context) without passing a ret_flags value that would
    indicate that credentials were delegated. A delegated credential
    handle should have been returned in such instances. This updated
    package adds a temp_ret_flag that stores the credential status in the
    event no other ret_flags value is passed by an application calling
    gss_accept_sec_context.
    
    * kpasswd did not fallback to TCP on receipt of certain errors, or
    when a packet was too big for UDP. This update corrects this.
    
    * when the libkrb5 password-routine generated a set-password or
    change-password request, incorrect sequence numbers were generated for
    all requests subsequent to the first request. This caused password
    change requests to fail if the primary server was unavailable. This
    updated package corrects this by saving the sequence number value
    after the AP-REQ data is built and restoring this value before the
    request is generated.
    
    * when a user's password expired, kinit would not prompt that user to
    change the password, instead simply informing the user their password
    had expired. This update corrects this behavior: kinit now prompts for
    a new password to be set when a password has expired.
    
    All krb5 users are advised to upgrade to these updated packages, which
    contain backported fixes to address these vulnerabilities and fix
    these bugs."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2008-March/000547.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/12/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL5", reference:"krb5-devel-1.6.1-17.el5_1.1")) flag++;
    if (rpm_check(release:"EL5", reference:"krb5-libs-1.6.1-17.el5_1.1")) flag++;
    if (rpm_check(release:"EL5", reference:"krb5-server-1.6.1-17.el5_1.1")) flag++;
    if (rpm_check(release:"EL5", reference:"krb5-workstation-1.6.1-17.el5_1.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1524.NASL
    descriptionSeveral remote vulnerabilities have been discovered in the kdc component of the krb5, a system for authenticating users and services on a network. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0062 An unauthenticated remote attacker may cause a krb4-enabled KDC to crash, expose information, or execute arbitrary code. Successful exploitation of this vulnerability could compromise the Kerberos key database and host security on the KDC host. - CVE-2008-0063 An unauthenticated remote attacker may cause a krb4-enabled KDC to expose information. It is theoretically possible for the exposed information to include secret key data on some platforms. - CVE-2008-0947 An unauthenticated remote attacker can cause memory corruption in the kadmind process, which is likely to cause kadmind to crash, resulting in a denial of service. It is at least theoretically possible for such corruption to result in database corruption or arbitrary code execution, though we have no such exploit and are not aware of any such exploits in use in the wild. In versions of MIT Kerberos shipped by Debian, this bug can only be triggered in configurations that allow large numbers of open file descriptors in a process.
    last seen2020-06-01
    modified2020-06-02
    plugin id31630
    published2008-03-21
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31630
    titleDebian DSA-1524-1 : krb5 - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1524. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31630);
      script_version("1.23");
      script_cvs_date("Date: 2019/08/02 13:32:21");
    
      script_cve_id("CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947");
      script_xref(name:"DSA", value:"1524");
    
      script_name(english:"Debian DSA-1524-1 : krb5 - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several remote vulnerabilities have been discovered in the kdc
    component of the krb5, a system for authenticating users and services
    on a network. The Common Vulnerabilities and Exposures project
    identifies the following problems :
    
      - CVE-2008-0062
        An unauthenticated remote attacker may cause a
        krb4-enabled KDC to crash, expose information, or
        execute arbitrary code. Successful exploitation of this
        vulnerability could compromise the Kerberos key database
        and host security on the KDC host.
    
      - CVE-2008-0063
        An unauthenticated remote attacker may cause a
        krb4-enabled KDC to expose information. It is
        theoretically possible for the exposed information to
        include secret key data on some platforms.
    
      - CVE-2008-0947
        An unauthenticated remote attacker can cause memory
        corruption in the kadmind process, which is likely to
        cause kadmind to crash, resulting in a denial of
        service. It is at least theoretically possible for such
        corruption to result in database corruption or arbitrary
        code execution, though we have no such exploit and are
        not aware of any such exploits in use in the wild. In
        versions of MIT Kerberos shipped by Debian, this bug can
        only be triggered in configurations that allow large
        numbers of open file descriptors in a process."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-0062"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-0063"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-0947"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2008/dsa-1524"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the krb5 packages.
    
    For the old stable distribution (sarge), these problems have been
    fixed in version krb5 1.3.6-2sarge6.
    
    For the stable distribution (etch), these problems have been fixed in
    version 1.4.4-7etch5."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:krb5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"3.1", prefix:"krb5-admin-server", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-clients", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-doc", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-ftpd", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-kdc", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-rsh-server", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-telnetd", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"krb5-user", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"libkadm55", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"libkrb5-dev", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"3.1", prefix:"libkrb53", reference:"1.3.6-2sarge6")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-admin-server", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-clients", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-doc", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-ftpd", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-kdc", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-rsh-server", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-telnetd", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"krb5-user", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"libkadm55", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"libkrb5-dbg", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"libkrb5-dev", reference:"1.4.4-7etch5")) flag++;
    if (deb_check(release:"4.0", prefix:"libkrb53", reference:"1.4.4-7etch5")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0180.NASL
    descriptionUpdated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id31627
    published2008-03-21
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31627
    titleCentOS 4 : krb5 (CESA-2008:0180)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0180 and 
    # CentOS Errata and Security Advisory 2008:0180 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31627);
      script_version("1.19");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2007-5971", "CVE-2008-0062", "CVE-2008-0063");
      script_bugtraq_id(26750, 28303);
      script_xref(name:"RHSA", value:"2008:0180");
    
      script_name(english:"CentOS 4 : krb5 (CESA-2008:0180)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated krb5 packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    Red Hat would like to thank MIT for reporting these issues.
    
    A double-free flaw was discovered in the GSSAPI library used by MIT
    Kerberos. This flaw could possibly cause a crash of the application
    using the GSSAPI library. (CVE-2007-5971)
    
    All krb5 users are advised to update to these erratum packages which
    contain backported fixes to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014768.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?e25e9b2d"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014769.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?c62e5686"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014774.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?001dd4ab"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/12/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"krb5-devel-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"krb5-devel-1.3.4-54.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"krb5-devel-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"krb5-libs-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"krb5-libs-1.3.4-54.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"krb5-libs-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"krb5-server-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"krb5-server-1.3.4-54.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"krb5-server-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"krb5-workstation-1.3.4-54.el4_6.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"krb5-workstation-1.3.4-54.c4.1")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"krb5-workstation-1.3.4-54.el4_6.1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0164.NASL
    descriptionUpdated krb5 packages that resolve several issues and fix multiple bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id43676
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43676
    titleCentOS 5 : krb5 (CESA-2008:0164)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0164 and 
    # CentOS Errata and Security Advisory 2008:0164 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43676);
      script_version("1.18");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2007-5901", "CVE-2007-5971", "CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0947");
      script_bugtraq_id(26750, 28302, 28303);
      script_xref(name:"RHSA", value:"2008:0164");
    
      script_name(english:"CentOS 5 : krb5 (CESA-2008:0164)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated krb5 packages that resolve several issues and fix multiple
    bugs are now available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Kerberos is a network authentication system which allows clients and
    servers to authenticate to each other through use of symmetric
    encryption and a trusted third party, the KDC.
    
    A flaw was found in the way the MIT Kerberos Authentication Service
    and Key Distribution Center server (krb5kdc) handled Kerberos v4
    protocol packets. An unauthenticated remote attacker could use this
    flaw to crash the krb5kdc daemon, disclose portions of its memory, or
    possibly execute arbitrary code using malformed or truncated Kerberos
    v4 protocol requests. (CVE-2008-0062, CVE-2008-0063)
    
    This issue only affected krb5kdc with Kerberos v4 protocol
    compatibility enabled, which is the default setting on Red Hat
    Enterprise Linux 4. Kerberos v4 protocol support can be disabled by
    adding 'v4_mode=none' (without the quotes) to the '[kdcdefaults]'
    section of /var/kerberos/krb5kdc/kdc.conf.
    
    Jeff Altman of Secure Endpoints discovered a flaw in the RPC library
    as used by MIT Kerberos kadmind server. An unauthenticated remote
    attacker could use this flaw to crash kadmind or possibly execute
    arbitrary code. This issue only affected systems with certain resource
    limits configured and did not affect systems using default resource
    limits used by Red Hat Enterprise Linux 5. (CVE-2008-0947)
    
    Red Hat would like to thank MIT for reporting these issues.
    
    Multiple memory management flaws were discovered in the GSSAPI library
    used by MIT Kerberos. These flaws could possibly result in use of
    already freed memory or an attempt to free already freed memory blocks
    (double-free flaw), possibly causing a crash or arbitrary code
    execution. (CVE-2007-5901, CVE-2007-5971)
    
    In addition to the security issues resolved above, the following bugs
    were also fixed :
    
    * delegated krb5 credentials were not properly stored when SPNEGO was
    the underlying mechanism during GSSAPI authentication. Consequently,
    applications attempting to copy delegated Kerberos 5 credentials into
    a credential cache received an 'Invalid credential was supplied'
    message rather than a copy of the delegated credentials. With this
    update, SPNEGO credentials can be properly searched, allowing
    applications to copy delegated credentials as expected.
    
    * applications can initiate context acceptance (via
    gss_accept_sec_context) without passing a ret_flags value that would
    indicate that credentials were delegated. A delegated credential
    handle should have been returned in such instances. This updated
    package adds a temp_ret_flag that stores the credential status in the
    event no other ret_flags value is passed by an application calling
    gss_accept_sec_context.
    
    * kpasswd did not fallback to TCP on receipt of certain errors, or
    when a packet was too big for UDP. This update corrects this.
    
    * when the libkrb5 password-routine generated a set-password or
    change-password request, incorrect sequence numbers were generated for
    all requests subsequent to the first request. This caused password
    change requests to fail if the primary server was unavailable. This
    updated package corrects this by saving the sequence number value
    after the AP-REQ data is built and restoring this value before the
    request is generated.
    
    * when a user's password expired, kinit would not prompt that user to
    change the password, instead simply informing the user their password
    had expired. This update corrects this behavior: kinit now prompts for
    a new password to be set when a password has expired.
    
    All krb5 users are advised to upgrade to these updated packages, which
    contain backported fixes to address these vulnerabilities and fix
    these bugs."
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014766.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4b44b161"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-March/014767.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?055da6b6"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected krb5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:krb5-workstation");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/12/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"krb5-devel-1.6.1-17.el5_1.1")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"krb5-libs-1.6.1-17.el5_1.1")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"krb5-server-1.6.1-17.el5_1.1")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"krb5-workstation-1.6.1-17.el5_1.1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "krb5-devel / krb5-libs / krb5-server / krb5-workstation");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2008-002.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-002 applied. This update contains several security fixes for a number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id31605
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31605
    titleMac OS X Multiple Vulnerabilities (Security Update 2008-002)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3004) exit(0);
    
    
    
    include("compat.inc");
    
    if (description)
    {
      script_id(31605);
      script_version ("1.38");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id("CVE-2005-3352", "CVE-2005-4077", "CVE-2006-3334", "CVE-2006-3747", "CVE-2006-5793",
                    "CVE-2006-6481", "CVE-2007-0897", "CVE-2007-0898", "CVE-2007-1659", "CVE-2007-1660",
                    "CVE-2007-1661", "CVE-2007-1662", "CVE-2007-1745", "CVE-2007-1997", "CVE-2007-2445",
                    "CVE-2007-2799", "CVE-2007-3378", "CVE-2007-3725", "CVE-2007-3799", "CVE-2007-3847",
                    "CVE-2007-4510", "CVE-2007-4560", "CVE-2007-4568", "CVE-2007-4752", "CVE-2007-4766",
                    "CVE-2007-4767", "CVE-2007-4768", "CVE-2007-4887", "CVE-2007-4990", "CVE-2007-5000",
                    "CVE-2007-5266", "CVE-2007-5267", "CVE-2007-5268", "CVE-2007-5269", "CVE-2007-5795",
                    "CVE-2007-5901", "CVE-2007-5958", "CVE-2007-5971", "CVE-2007-6109", "CVE-2007-6203",
                    "CVE-2007-6335", "CVE-2007-6336", "CVE-2007-6337", "CVE-2007-6388", "CVE-2007-6421",
                    "CVE-2007-6427", "CVE-2007-6428", "CVE-2007-6429", "CVE-2008-0005", "CVE-2008-0006",
                    "CVE-2008-0044", "CVE-2008-0045", "CVE-2008-0046", "CVE-2008-0047", "CVE-2008-0048",
                    "CVE-2008-0049", "CVE-2008-0050", "CVE-2008-0051", "CVE-2008-0052", "CVE-2008-0053",
                    "CVE-2008-0054", "CVE-2008-0055", "CVE-2008-0056", "CVE-2008-0057", "CVE-2008-0058",
                    "CVE-2008-0059", "CVE-2008-0060", "CVE-2008-0062", "CVE-2008-0063", "CVE-2008-0318",
                    "CVE-2008-0596", "CVE-2008-0728", "CVE-2008-0882", "CVE-2008-0987", "CVE-2008-0988",
                    "CVE-2008-0989", "CVE-2008-0990", "CVE-2008-0992", "CVE-2008-0993", "CVE-2008-0994",
                    "CVE-2008-0995", "CVE-2008-0996", "CVE-2008-0997", "CVE-2008-0998", "CVE-2008-0999",
                    "CVE-2008-1000");
      script_bugtraq_id(19204, 21078, 24268, 25398, 25439, 25489, 25498, 26346, 26750, 26838,
                        26927, 26946, 27234, 27236, 27751, 27988, 28278, 28303, 28304, 28307,
                        28320, 28323, 28334, 28339, 28340, 28341, 28343, 28344, 28345, 28357,
                        28358, 28359, 28363, 28364, 28365, 28367, 28368, 28371, 28371, 28372,
                        28374, 28375, 28384, 28385, 28386, 28387, 28388, 28389);
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2008-002)");
      script_summary(english:"Check for the presence of Security Update 2008-002");
    
       script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues." );
       script_set_attribute(attribute:"description", value:
    "The remote host is running a version of Mac OS X 10.5 or 10.4 that
    does not have the security update 2008-002 applied. 
    
    This update contains several security fixes for a number of programs." );
       script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=307562" );
       script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" );
       script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/advisories/14242" );
       script_set_attribute(attribute:"solution", value:
    "Install Security Update 2008-002 or later." );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'ClamAV Milter Blackhole-Mode Remote Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(20, 22, 78, 79, 94, 119, 134, 189, 200, 255, 264, 362, 399);
    
      script_set_attribute(attribute:"plugin_publication_date", value: "2008/03/19");
      script_set_attribute(attribute:"patch_publication_date", value: "2007/08/24");
      script_set_attribute(attribute:"vuln_publication_date", value: "2007/06/02");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
      script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
      exit(0);
    }
    
    
    uname = get_kb_item("Host/uname");
    if (!uname) exit(0);
    
    if (egrep(pattern:"Darwin.* (8\.[0-9]\.|8\.1[01]\.)", string:uname))
    {
      packages = get_kb_item("Host/MacOSX/packages");
      if (!packages) exit(0);
    
      if (!egrep(pattern:"^SecUpd(Srvr)?(2008-00[2-8]|2009-|20[1-9][0-9]-)", string:packages))
        security_hole(0);
    }
    else if (egrep(pattern:"Darwin.* (9\.[0-2]\.)", string:uname))
    {
      packages = get_kb_item("Host/MacOSX/packages/boms");
      if (!packages) exit(0);
    
      if (!egrep(pattern:"^com\.apple\.pkg\.update\.security\.2008\.002\.bom", string:packages))
        security_hole(0);
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-587-1.NASL
    descriptionIt was discovered that krb5 did not correctly handle certain krb4 requests. An unauthenticated remote attacker could exploit this flaw by sending a specially crafted traffic, which could expose sensitive information, cause a crash, or execute arbitrary code. (CVE-2008-0062, CVE-2008-0063) A flaw was discovered in the kadmind service
    last seen2020-06-01
    modified2020-06-02
    plugin id31625
    published2008-03-19
    reporterUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31625
    titleUbuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : krb5 vulnerabilities (USN-587-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200803-31.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200803-31 (MIT Kerberos 5: Multiple vulnerabilities) Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free() (CVE-2008-0062) and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply (CVE-2008-0063). Jeff Altman (Secure Endpoints) discovered a buffer overflow in the RPC library server code, used in the kadmin server, caused when too many file descriptors are opened (CVE-2008-0947). Venustech AD-LAB discovered multiple vulnerabilities in the GSSAPI library: usage of a freed variable in the gss_indicate_mechs() function (CVE-2007-5901) and a double free() vulnerability in the gss_krb5int_make_seal_token_v3() function (CVE-2007-5971). Impact : The first two vulnerabilities can be exploited by a remote unauthenticated attacker to execute arbitrary code on the host running krb5kdc, compromise the Kerberos key database or cause a Denial of Service. These bugs can only be triggered when Kerberos 4 support is enabled. The RPC related vulnerability can be exploited by a remote unauthenticated attacker to crash kadmind, and theoretically execute arbitrary code with root privileges or cause database corruption. This bug can only be triggered in configurations that allow large numbers of open file descriptors in a process. The GSSAPI vulnerabilities could be exploited by a remote attacker to cause Denial of Service conditions or possibly execute arbitrary code. Workaround : Kerberos 4 support can be disabled via disabling the
    last seen2020-06-01
    modified2020-06-02
    plugin id31671
    published2008-03-26
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31671
    titleGLSA-200803-31 : MIT Kerberos 5: Multiple vulnerabilities
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-070.NASL
    descriptionA memory management flaw was found in the GSSAPI library used by Kerberos that could result in an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code (CVE-2007-5971). A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly %execute arbitrary code using malformed or truncated Kerberos v4 protocol requests (CVE-2008-0062, CVE-2008-0063). This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0. Kerberos v4 protocol support can be disabled by adding v4_mode=none (without quotes) to the [kdcdefaults] section of /etc/kerberos/krb5kdc/kdc.conf. A flaw in the RPC library as used in Kerberos
    last seen2020-06-01
    modified2020-06-02
    plugin id37527
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37527
    titleMandriva Linux Security Advisory : krb5 (MDVSA-2008:070)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-2637.NASL
    descriptionThis update incorporates fixes included in MITKRB5-SA-2008-001 (use of uninitialized pointer / double-free in the KDC when v4 compatibility is enabled) and MITKRB5-SA-2008-002 (incorrect handling of high-numbered descriptors in the RPC library). This update also incorporates less-critical fixes for a double- free (CVE-2007-5971) and an incorrect attempt to free non-heap memory (CVE-2007-5901) in the GSSAPI library. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id31668
    published2008-03-26
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31668
    titleFedora 7 : krb5-1.6.1-9.fc7 (2008-2637)
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2008-0009.NASL
    descriptiona. VMware Tools Local Privilege Escalation on Windows-based guest OS The VMware Tools Package provides support required for shared folders (HGFS) and other features. An input validation error is present in the Windows-based VMware HGFS.sys driver. Exploitation of this flaw might result in arbitrary code execution on the guest system by an unprivileged guest user. It doesn
    last seen2020-06-01
    modified2020-06-02
    plugin id40378
    published2009-07-27
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40378
    titleVMSA-2008-0009 : Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-2647.NASL
    descriptionThis update incorporates fixes included in MITKRB5-SA-2008-001 (use of uninitialized pointer / double-free in the KDC when v4 compatibility is enabled) and MITKRB5-SA-2008-002 (incorrect handling of high-numbered descriptors in the RPC library). This update also incorporates less-critical fixes for a double- free (CVE-2007-5971) and an incorrect attempt to free non-heap memory (CVE-2007-5901) in the GSSAPI library. This update also fixes an incorrect calculation of the length of the absolute path name of a file when the relative path is known and the library needs to look up which SELinux label to apply to the file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id31670
    published2008-03-26
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31670
    titleFedora 8 : krb5-1.6.2-14.fc8 (2008-2647)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0180.NASL
    descriptionUpdated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id31617
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/31617
    titleRHEL 4 : krb5 (RHSA-2008:0180)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20080318_KRB5_ON_SL3_X.NASL
    descriptionA flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Scientific Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id60373
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60373
    titleScientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0180.NASL
    descriptionFrom Red Hat Security Advisory 2008:0180 : Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id67668
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67668
    titleOracle Linux 4 : krb5 (ELSA-2008-0180)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KRB5-5082.NASL
    descriptionThis update fixes the following security bugs in krb5/krb5-server : - null/dangling pointer (needs enabled krb4 support). (CVE-2008-0062) - possible operations on uninitialized buffer content/information leak (needs enabled krb4 support). (CVE-2008-0063) - out-of-bound array access in kadmind
    last seen2020-06-01
    modified2020-06-02
    plugin id31624
    published2008-03-19
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/31624
    titleSuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 5082)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-069.NASL
    descriptionMultiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code (CVE-2007-5901, CVE-2007-5971). A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly %execute arbitrary code using malformed or truncated Kerberos v4 protocol requests (CVE-2008-0062, CVE-2008-0063). This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0. Kerberos v4 protocol support can be disabled by adding v4_mode=none (without quotes) to the [kdcdefaults] section of /etc/kerberos/krb5kdc/kdc.conf. A flaw in the RPC library as used in Kerberos
    last seen2020-06-01
    modified2020-06-02
    plugin id38056
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38056
    titleMandriva Linux Security Advisory : krb5 (MDVSA-2008:069)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0181.NASL
    descriptionFrom Red Hat Security Advisory 2008:0181 : Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the way the MIT Kerberos Authentication Service and Key Distribution Center server (krb5kdc) handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly execute arbitrary code using malformed or truncated Kerberos v4 protocol requests. (CVE-2008-0062, CVE-2008-0063) This issue only affected krb5kdc with Kerberos v4 protocol compatibility enabled, which is the default setting on Red Hat Enterprise Linux 4. Kerberos v4 protocol support can be disabled by adding
    last seen2020-06-01
    modified2020-06-02
    plugin id67669
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67669
    titleOracle Linux 3 : krb5 (ELSA-2008-0181)

Oval

accepted2013-04-29T04:19:47.436-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionKDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
familyunix
idoval:org.mitre.oval:def:9496
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleKDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
version27

Redhat

advisories
  • rhsa
    idRHSA-2008:0164
  • rhsa
    idRHSA-2008:0180
  • rhsa
    idRHSA-2008:0181
  • rhsa
    idRHSA-2008:0182
rpms
  • krb5-debuginfo-0:1.6.1-17.el5_1.1
  • krb5-devel-0:1.6.1-17.el5_1.1
  • krb5-libs-0:1.6.1-17.el5_1.1
  • krb5-server-0:1.6.1-17.el5_1.1
  • krb5-workstation-0:1.6.1-17.el5_1.1
  • krb5-debuginfo-0:1.3.4-54.el4_6.1
  • krb5-devel-0:1.3.4-54.el4_6.1
  • krb5-libs-0:1.3.4-54.el4_6.1
  • krb5-server-0:1.3.4-54.el4_6.1
  • krb5-workstation-0:1.3.4-54.el4_6.1
  • krb5-debuginfo-0:1.2.7-68
  • krb5-devel-0:1.2.2-48
  • krb5-devel-0:1.2.7-68
  • krb5-libs-0:1.2.2-48
  • krb5-libs-0:1.2.7-68
  • krb5-server-0:1.2.2-48
  • krb5-server-0:1.2.7-68
  • krb5-workstation-0:1.2.2-48
  • krb5-workstation-0:1.2.7-68
  • krb5-debuginfo-0:1.3.4-49.el4_5.1
  • krb5-devel-0:1.3.4-49.el4_5.1
  • krb5-libs-0:1.3.4-49.el4_5.1
  • krb5-server-0:1.3.4-49.el4_5.1
  • krb5-workstation-0:1.3.4-49.el4_5.1

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 28303 CVE(CAN) ID: CVE-2008-0062,CVE-2008-0063 Kerberos是一款广泛使用的使用强壮的加密来验证客户端和服务器端的网络协议。MIT Kerberos 5是一种常用的开源Kerberos实现。 Kerberos 5的实现上存在两个漏洞,远程攻击者可能利用此漏洞导致拒绝服务或获取敏感信息。 如果Kerberos 5 KDC中启用了Kerberos 4支持的话,发送畸形消息可能会触发两个漏洞: CVE-2008-0062:如果KDC接收到了畸形的Kerberos 4消息的话,且之前没有Kerberos 4通讯,就会触发空指针引用,导致KDC崩溃。如果已有有效的Kerberos 4通讯,就会使用空指针锁定发送给客户端的消息;指针可能重新发送之前生成的响应,发送进程内存的一些任意块(其中可能包含有密钥数据),或由于试图访问无效地址导致进程崩溃。如果进程没有崩溃的话,就会向free()传送随机地址,这可能会破坏释放池,导致崩溃、数据破坏或跳转到进程内存的任意地址。 CVE-2008-0063:如果将Kerberos 4消息截短的话,就会使用栈上之前的内容取代消息缺失的部分,而主名称中有些部分是从消息中的字符串读取的。这些字符串仅限于40字节或缓冲区中所找到的下一个ASCII NUL。如果KDC返回的错误消息显示数据库中没有找到主名称的话,就会在错误消息中包含主名称,其中可能包含有之前的栈内容。 MIT Kerberos 5 1.6.3 KDC 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1524-1)以及相应补丁: DSA-1524-1:New krb5 packages fix multiple vulnerabilities 链接:<a href=http://www.debian.org/security/2008/dsa-1524 target=_blank>http://www.debian.org/security/2008/dsa-1524</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6.orig.tar.gz</a> Size/MD5 checksum: 6526510 7974d0fc413802712998d5fc5eec2919 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.diff.gz</a> Size/MD5 checksum: 673705 93382126a3c73ac44ed7daa7d85f166d <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5_1.3.6-2sarge6.dsc</a> Size/MD5 checksum: 782 0391aaf485ef1636ef18c6ba183c3fbe Architecture independent packages: <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.3.6-2sarge6_all.deb</a> Size/MD5 checksum: 718916 ca2fb37b53a19207f1e1f1de90c4c1f3 amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 137834 d43e9d3f3ef65fe8c8cbbb7b5dcbd144 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 177730 947fb82dd795f9272935ea4cb027e543 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 124864 4f1d0aa9d18013023f4a9f2b9a10db65 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 104886 15037693de0d9dc27460d713b547872a <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 63606 c4cfe2b01bfe0b579b216210817c4fa3 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 369420 c8d1eaf98400880ff82f727fe20f90cd <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 82806 30230dfe2605b88fdeac8811d408acdb <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 57048 741292984684fddae11e130dcd388161 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 652378 d8f3493f4354e0b3717ffc72d6592b88 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_amd64.deb</a> Size/MD5 checksum: 216990 0df13c59411cf57b86bd94e250cf458e arm architecture (ARM) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 115684 ef39b71c5ecf4187e24d27c1111c9a54 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 633330 08566aa29ab8d56e26070137a16731a4 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 158874 4f60129aa092ea3d750deb168299abe7 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 54134 e23173f4ad3a59af03fbab0369a714a9 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 58252 255394fcc06d13b6dabc2e87c91dac02 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 198848 aaba0529c817ff11728515f5a116f71b <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 126814 85d31333aa01c4ab1f7b14ffaaa4c08b <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 74940 706b7cbfb01d66cbdb371a9019b3f725 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 329190 a661364db9bd2d5c5340a0c6a5c939f4 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_arm.deb</a> Size/MD5 checksum: 93938 04dc96993c79d0113a0626a4439c8cbf hppa architecture (HP PA RISC) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 125154 afd4a9608fff5b1b3e793881bb2c9c2c <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 64286 b85cf8b5680c12c093ff34150623a3a0 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 59368 3df43bbb40e060d0522495ff3e78412d <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 669644 50027bd1d314e911c4a91647989fad1e <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 104948 a013d1818ed8d6dd7d75a8ac11e795f9 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 187304 401a8e21722c104f3d3aae86cf3640e9 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 383876 d50afad26c9a0416fe47dfdf5ff649f4 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 81992 b6c84f121f66616f578b13a3f0c654ca <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 139202 4972377b638f980ad757128f14132874 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_hppa.deb</a> Size/MD5 checksum: 224154 8a8436e210dd8892487ea482a1de6522 i386 architecture (Intel ia32) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 116324 445bced4eb764a78e51b68e4d7558363 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 574784 40fa136876b3219e55de089340c0c85e <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 52890 a6ae74be5b338ab7f215d0846353833e <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 165726 4b2485d3b8a50cd61ffcd2e0748d70fe <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 349416 2f33d4592484a2adf276fd29cfe9d728 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 127878 7232e14b8bc1d78fa4346b4ed393a3b9 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 95656 00f7666dac13adf2a7bfc81c9d801f2f <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 191526 d8613e5a3d87838ee7155f54c1c12f3d <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 57762 2baa509aad5f6b837753e5a3e65e63f1 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_i386.deb</a> Size/MD5 checksum: 75890 5e52830c36794bb8ed2cdd14611ec690 ia64 architecture (Intel ia64) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 134332 473be671406f747295c4a94d3f2ca3c5 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 289396 c95c79f18a2a8cb78131a35073c09ebe <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 890018 a9ca82650f5f96ac66d2b4436b0d1345 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 167350 f448dced91316668c1d33d6a0776eb2c <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 240384 5dc95c9ea35a7b052041e177114c5acf <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 79982 8980a39a06eeca5ef5adb623786742a2 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 73692 039a88dc8793fa4de6e461408cde62bd <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 105008 273a9dbaf7a4882f39ebd9de527f76fb <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 502382 97f1d32991c1778752bad887f4029990 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_ia64.deb</a> Size/MD5 checksum: 165288 7d2e3c354cc50db22fc34a396902690f m68k architecture (Motorola Mc680x0) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 71116 2f35c57d9f24856b013e27b0eef24a25 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 516020 203205bb2e6f66161c2aa98746687190 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 49768 39d4529ec4e27e2fdc75de762c5643fa <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 107660 0659ab018fbf062504348fc63ef97cc6 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 147864 b86ebef3ec1541aeabc20be31e503049 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 305872 1fc4f6385b5196c1c892731eac06f5b3 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 122106 c60b71edc9196adda91d40c4b84a908e <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 174180 6d750c072a8d641bd661ea5c688199f3 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 53478 74055ea66e27e24d79c824691da8fe0f <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_m68k.deb</a> Size/MD5 checksum: 88692 074a5c747c652e7ce8d911077ca5586c mips architecture (MIPS (Big Endian)) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 145108 f432457761497dcfd8e1ba6fe7ac43fa <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 164386 512e3b183ffc5f121f82981f32235377 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 57750 d827cf9980ed4eba196dedf93e7d9b5d <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 680860 b4718176172f14d54d2a4662ae28e534 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 128738 a9592a522e7cc0f6db4c121ac04db438 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 65060 9b5613121aff8f341cb2dc3786b28d78 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 103404 eb3ca8cddb900bd4dfdb10b67ca9622c <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 225708 d09d386a5705b48584ffd51b0127883d <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 355178 359ca6a220b6a9e7af7b949e7a64fb5d <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mips.deb</a> Size/MD5 checksum: 80956 407fec89580608afebb4ff89d95bdf72 mipsel architecture (MIPS (Little Endian)) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 146678 76f8820a81a1c068ab60348f1302d087 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 103808 db8b0c06f58646093ca80554061cc0d1 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 65266 c27b18832cafb60109ba97e529706a53 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 226540 0ddfa3be4f63eeb0066682928c193996 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 82060 2479f67cadc3533fb499507fc1977b5d <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 355120 d1644230bb4cc0788a04f5f0c8eb961c <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 58164 5dcd7db602701983272b2fbb0db88864 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 130098 472042e34a7ac48352205df510767ddd <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 165632 3074194d27a16bd4e737a9462d6a217a <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_mipsel.deb</a> Size/MD5 checksum: 682776 b0046283d8860fc6c8fe968b335ff463 powerpc architecture (PowerPC) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 61758 9496fefe85772ad549b84ae523c56e77 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 217812 c5aa73b8513a3698002cc3cedfeff012 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 105320 3677c003bd4c271bbe3daef5cf8f52df <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 143838 61244dbf640bd19ee1cc738ee7b44b34 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 57018 9afa2ba534be545b9d76d1f69c8e5468 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 165746 74c29add119101782727226dc9200db0 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 634906 93dd67378ead6cb763cc304516cbf632 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 353104 c5b16a1f26d01435b2bcb540b5b97730 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 82702 f728717a6a25b233526ad69934e376f4 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_powerpc.deb</a> Size/MD5 checksum: 126246 da0e3adca803929ae44fad884949cbe2 s390 architecture (IBM S/390) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 214176 9c4b2684ce790d6544d078efde32f5d3 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 132996 1ed627f09d5b25bb3eaaaa4148207d7f <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 63428 332d6f0c94eabdca1df666a3ec0c6184 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 57214 f518a8dd4336c3916bb8c533bd8b6301 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 624898 27ed5f1406b97c3a429ed6cc41a5421a <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 99652 0e49258823390960faaf06522ab8f1cc <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 376188 ec0fdc218fbe9c53fa5aaec87667b5a7 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 82370 3a26a1e22c24add8b16498a641444a77 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 180336 34967e4eb80a75b18a23a9f3bf05bb5f <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_s390.deb</a> Size/MD5 checksum: 121318 883136f99bce1a8f9f413dc3d68f5762 sparc architecture (Sun SPARC/UltraSPARC) <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 576786 3c142ce93bd9b408ea9a6d6046e3d067 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 58950 91be8dfc1160f334f0ed514eaeddb3c4 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 53520 89ceeef920ad596b129365a1f6876818 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 73596 cca4a24557097c3be9dc611d686d0688 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 93348 0a954f5b7f637eeaea3b656699314b99 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 114068 e7a1986874465f458987516f27a705d1 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 157712 2c8a0b75fc4982ee9265d2dd8cab2cc4 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 126780 d6faa238b06d1ff65c6b20b54c7b4fac <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 194584 39322280b333988d5cce973c7c00cdad <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge6_sparc.deb</a> Size/MD5 checksum: 330436 27d8b24e5a2bbb57d8078c7b1d391d53 Debian 4.0 (stable) - --------------- Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.dsc</a> Size/MD5 checksum: 876 e8f30ac6b710091985a2b669632ca174 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4.orig.tar.gz</a> Size/MD5 checksum: 11017910 a675e5953bb8a29b5c6eb6f4ab0bb32a <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5_1.4.4-7etch5.diff.gz</a> Size/MD5 checksum: 1590551 c7d7bfb6aa34876ec8b5d0767ed65c2d Architecture independent packages: <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.4.4-7etch5_all.deb</a> Size/MD5 checksum: 1806352 0e3b03d93b1a62a41f9d004d3f6a69eb alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 76136 61c8f8b99cd2c5e08fe20121d5a33119 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 461032 12fe64d352941f674f01b875532ec91f <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 91648 ee8cf04beb8687f4afc0684fbed232e9 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 1087614 dc627be2679028513f541ab0db184758 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 245650 57d128cab47e74d75ad56da8b81866fe <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 154868 4cac528d66a64df26a385bb15552061c <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 136110 a0d904994baba8064c640014e238020c <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 216328 7e96a8117e5397282f9027dc99fee308 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 89690 a14489d539fc5274175e92b8c1f99cc4 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 65866 c153e17e3514e566d1b719bd4941c3f2 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_alpha.deb</a> Size/MD5 checksum: 1017046 543b2403aee468ad0a1692708de9a587 amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 83852 4e7e51683f130dfdbaaaa2b6bbdfd70b <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 61474 5ed45d3180ad5cda0839f53d8d9fc716 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 768634 4f227f866f481d0a11a90b1a41d14bbb <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 141926 5944b339ff70c630a2d04026dc8a436c <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 68170 d5b5cc9a99c26889dcf685f88cc92a9a <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 129822 8f01b6b85827382fcb2ac54b561a1ec0 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 222262 b16ea5bddeb302c73844a465d5b27020 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 1072208 5458abcef1aa9174a703a51d9910bf42 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 190378 b663d232374d5d8ea6a1aeb6596e1e66 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 426424 39665f5600ac062e43d78823f79016a6 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_amd64.deb</a> Size/MD5 checksum: 86108 786e35f5915b137445eb034ef1f53eee arm architecture (ARM) <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 1013602 3087dae461053141fd9099ba1bf1f520 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 63418 6d76005bc5336972fff07aa9961bcbca <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 682712 20f548e7e7fe59ffc450c46c58b73fd1 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 136110 b1774fea7cea371790dc1d7b9a293395 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 173154 785af0fd07d78658edb4a4c25082ca22 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 59834 e369f2b68c8090e91191718d207da76d <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 206238 c69f58637e68a2d455750e32b5b770c0 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 390054 b972d264ad97b69120ee4e4d898f3055 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 81426 82979ab1f34edf407dc1a32f4be2a911 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 123540 f9534a82bfa054018029c9a3934fc121 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_arm.deb</a> Size/MD5 checksum: 78826 62163e751d27902012a16758fbbf67e0 hppa architecture (HP PA RISC) <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 1050680 8ea8f26032837464c794e615623ac59e <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 87564 ec92090e89dc2c03500c52cbd188e4c3 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 441724 6cc26ce6c3e4fa233222786b15bc08ac <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 64206 fa4e68946117f10d2dbbcea75fabe5d0 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 132802 23e6e453b5943c8df76fd87a18fe2182 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 85370 9011819683422a091d363e0d0064e82e <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 815220 652f24a16193c3d8bf9f128000888850 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 145028 88cb8fd42c037cca495bb200a8d5bacd <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 69692 0ce8e82456cc62420ba31f7ce0aa3a39 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 201216 b7aa6c970117a632b2e60d14829ba7b7 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_hppa.deb</a> Size/MD5 checksum: 232082 7a823371e31f4b3e937a4e9d7a83d09b i386 architecture (Intel ia32) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 80306 8c8461beb8bd866080134bf1a25ef557 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 62446 22a83f7567df841b9f34ffc133534a64 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 133360 5e72e490c20ac03f49b7fd6921047048 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 680166 991c24aa3b8e2d82f07e49865d70119b <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 408376 f375a2157e2b1de2eadecbb2f03c8637 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 174112 f9efe4ee2c52dba6806f548d778e0f53 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 58050 b99734e1b92043a8cc816c588b04fce5 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 196558 0b03b5d3920efa1c5efbf8cbe3901f15 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 124206 21cc6d63e1eeaeb9deb70e227d61d84b <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 1037936 a1a2470171c5403563ed285be9caaa9a <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_i386.deb</a> Size/MD5 checksum: 78598 80b9f57c39a90e17b67480271ec8cc2a ia64 architecture (Intel ia64) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 305920 940370e13598d9c00b123f97aa3f09ad <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 164602 6dd81cf1a5487ad63e2ab3cf1ce342f1 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 112994 4ccb79847d301064e5e6496f2577b5e5 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 80324 88cc01f93ed8fe3b9c9861176050f004 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 105592 8745ddb42d7cb7afb95ef4f946a26c60 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 1088562 0d2cdc97965b7827a78bca972aed38fd <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 91338 40c9d44d05f3262c1a5d6950c4255e16 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 269600 4acf36a3831bd4d2bb0af4d9130d0f27 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 1043576 6e487c186d462bc98b8ccdfbb5891324 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 190500 4cc37a9cd6bb13da4ca73f87b60738d3 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_ia64.deb</a> Size/MD5 checksum: 592208 ac3bd63fc244d99757d33c8b8fa8f745 mips architecture (MIPS (Big Endian)) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 71184 99f78076e71ddc74b7809de695945048 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 128534 d08156f659ccfaa953e612ab0f1be1e0 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 86416 a0ccc69288f43974099646a0b4df2702 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 807408 caa736a161edf63d4b7b0200642293cc <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 81794 820abd7cda885cfbcd651eeb819b6ea2 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 176908 eb82211002e6f5fa451b8c6fc72cd8c5 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 230468 6498dab212c73d4c618a77b105d40302 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 389766 cb2be7e8aa8890f3011c7721474048cb <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 145004 1d8436cb03bf8df56127ab37a1787096 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 62920 610d234fcd0e209b0d2e6c0f3be39f6b <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mips.deb</a> Size/MD5 checksum: 1112710 5b98f43fa267c04b32bc96927ad868a2 mipsel architecture (MIPS (Little Endian)) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 87478 dce62567d27548de56ad38615fd5a8fe <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 71596 8cfffdf23386228753133a6d675a75dc <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 131106 22011c6b9dfeaf6318baffbb40b4b005 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 63834 9a2e78369d8fa1d0d8688eb48e443518 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 810348 c36eb2099ac9fd31e57d5693ec8eb92b <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 82652 3699856d5fe3d28c74e0e66469d05859 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 1087382 a5cac22f1da48cbb4c80f7f736b70b2f <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 179494 4a1d3e8cc558c330b9f4a6bded87913b <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 145716 1f45bb37dd7e13ea4c6b21f52c43c657 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 232788 88bc4c67b09b541769a7a00abc5d2688 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_mipsel.deb</a> Size/MD5 checksum: 391848 05272bb8eb78e5e3fa374c9cb6597403 powerpc architecture (PowerPC) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 222776 d87408739c95de5b207a88550278a0d0 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 1083104 a5a89067cd381199a75e9751be977884 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 143844 488e4411a9d507c14961e8c1a867a18b <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 84364 fd1d52f855615c98fc8d207dcea36d2f <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 137308 16ac4ae9b3a4eec6e584d4b9902771ed <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 399370 2c4951062f1fa124af1a36a8b0c1e761 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 86864 33e72918f1ae2f968537d4e3328237b8 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 67384 3547b618672d7e775018128fa421551d <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 753506 cdc2c41be06d280160c3f7ee8b7f3417 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 61930 dad1ac368a357004137a4beaf0a4f8ba <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_powerpc.deb</a> Size/MD5 checksum: 179574 499b4b287b5726f7a8afea620d5606c5 s390 architecture (IBM S/390) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 63392 7e446e33886543cc1432026dbde49ea8 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 87886 02735411cb4acaa71b8aa72bf7d9683d <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 438990 5aacff7c6ec54f708cb98fa0718bfcc0 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 129266 31c153db1328ee93b97e64bdb01a3cc3 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 195506 d3175c75393ac80363919b170e1446e0 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 1073530 ac4c767b43f20d304e9683ebfddf3a68 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 224438 5a59744997773137c0409af842e7fdf0 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 68782 57ed0962a4cf4f2f7c7d60edf52449ed <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 140470 8fd23a0ec4c4b5c81c48d7b0228a5fa8 <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 82118 7a84a0ceeb5110380a231be90d6f36ce <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.4.4-7etch5_s390.deb</a> Size/MD5 checksum: 733368 6a3ea5e404cebc11888aaad6fdc2cedd sparc architecture (Sun SPARC/UltraSPARC) <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.4.4-7etch5_sparc.deb</a> Size/MD5 checksum: 131724 561314d157da780fc7de7c06524e8a3c <a href=http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.4.4-7etch5_sparc.deb</a> Size/MD5 checksum: 77124 6de298978f0404514a0b16d863efa276 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.4.4-7etch5_sparc.deb</a> Size/MD5 checksum: 961534 754258b22c1eaf83c3167775c3138a58 <a href=http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.4.4-7etch5_sparc.deb target=_blank>http://security.debian.org/pool/updates
idSSV:3062
last seen2017-11-19
modified2008-03-20
published2008-03-20
reporterRoot
titleMIT Kerberos 5 KDC多个内存破坏信息泄露漏洞

References