Novell Home

CVE-2008-0947

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-0947 at MITRE

Description

Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 363151

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.1
  • krb5 >= 1.4.3-19.30.6
  • krb5-32bit >= 1.4.3-19.30.6
  • krb5-64bit >= 1.4.3-19.30.6
  • krb5-apps-clients >= 1.4.3-19.30.6
  • krb5-apps-servers >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
  • krb5-devel-32bit >= 1.4.3-19.30.6
  • krb5-devel-64bit >= 1.4.3-19.30.6
  • krb5-server >= 1.4.3-19.30.6
openSUSE 10.2
  • krb5 >= 1.5.1-23.14
  • krb5-32bit >= 1.5.1-23.14
  • krb5-64bit >= 1.5.1-23.14
  • krb5-apps-clients >= 1.5.1-23.14
  • krb5-apps-servers >= 1.5.1-23.14
  • krb5-client >= 1.5.1-23.14
  • krb5-devel >= 1.5.1-23.14
  • krb5-devel-32bit >= 1.5.1-23.14
  • krb5-devel-64bit >= 1.5.1-23.14
  • krb5-server >= 1.5.1-23.14
openSUSE 10.3
  • krb5 >= 1.6.2-22.4
  • krb5-32bit >= 1.6.2-22.4
  • krb5-64bit >= 1.6.2-22.4
  • krb5-apps-clients >= 1.6.2-22.4
  • krb5-apps-servers >= 1.6.2-22.4
  • krb5-client >= 1.6.2-22.4
  • krb5-devel >= 1.6.2-22.4
  • krb5-devel-32bit >= 1.6.2-22.4
  • krb5-devel-64bit >= 1.6.2-22.4
  • krb5-server >= 1.6.2-22.4
SUSE Linux Enterprise Desktop 10 SP1 for x86
  • krb5 >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082
SUSE Linux Enterprise Desktop 10 SP1 for AMD64 and Intel EM64T
  • krb5 >= 1.4.3-19.30.6
  • krb5-32bit >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
  • krb5-devel-32bit >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082
SLE SDK 10 SP1 for IBM iSeries and IBM pSeries
SLE SDK 10 SP1 for IBM zSeries
SLE SDK 10 SP1 for IPF
SLE SDK 10 SP1 for X86-64
SLE SDK 10 SP1 for x86
  • krb5-apps-clients >= 1.4.3-19.30.6
  • krb5-apps-servers >= 1.4.3-19.30.6
  • krb5-server >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082
SUSE Linux Enterprise Server 10 SP1 for x86
  • krb5 >= 1.4.3-19.30.6
  • krb5-apps-clients >= 1.4.3-19.30.6
  • krb5-apps-servers >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
  • krb5-server >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082
SUSE Linux Enterprise Server 10 SP1 for IPF
  • krb5 >= 1.4.3-19.30.6
  • krb5-apps-clients >= 1.4.3-19.30.6
  • krb5-apps-servers >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
  • krb5-server >= 1.4.3-19.30.6
  • krb5-x86 >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082
SUSE Linux Enterprise Server 10 SP1 for IBM POWER
  • krb5 >= 1.4.3-19.30.6
  • krb5-64bit >= 1.4.3-19.30.6
  • krb5-apps-clients >= 1.4.3-19.30.6
  • krb5-apps-servers >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
  • krb5-devel-64bit >= 1.4.3-19.30.6
  • krb5-server >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082
SUSE Linux Enterprise Server 10 SP1 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP1 for IBM zSeries 64bit
  • krb5 >= 1.4.3-19.30.6
  • krb5-32bit >= 1.4.3-19.30.6
  • krb5-apps-clients >= 1.4.3-19.30.6
  • krb5-apps-servers >= 1.4.3-19.30.6
  • krb5-client >= 1.4.3-19.30.6
  • krb5-devel >= 1.4.3-19.30.6
  • krb5-devel-32bit >= 1.4.3-19.30.6
  • krb5-server >= 1.4.3-19.30.6
 sles10.s390x
sles10.x86
ZYPP Patch Nr: 5082

© 2012 Novell