| AnNyung Official Homepage | Home > Update [ 1.3 ] |
|
HOME What is AnNyung Documents Packages System White Paper Download Update . 3.x [RSS] . 2.x [RSS] . 1.3 [RSS] . 1.2 [RSS] . 1.1 [RSS] . 1.0 [RSS] FAQ Hardware RoadMap Gallery |
|
krb5 보안 업데이트 
Web Browser 로는 FTP 접속이 불가능 합니다. 문서번호 : 1206432070 업데이트 : 2008.03.25 상세내용 1.3.4-54.1 update - fixed CVE-2007-5971 - fixed CVE-2008-0062 - fixed CVE-2008-0063 CVE-2007-5971: Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. CVE-2008-0062: KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free. CVE-2008-0063: The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." Autoupdates 지원 : Packages System pkgadd -F "krb5*" update 패키지 RPMS : . krb5-libs-1.3.4-54.1.i686.rpm . krb5-server-1.3.4-54.1.i686.rpm . krb5-workstation-1.3.4-54.1.i686.rpm . krb5-devel-1.3.4-54.1.i686.rpm SRPMS : . krb5-1.3.4-54.1.src.rpm 참고 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 |
Home > Update [ 1.3 ]
Copyright 2024 OOPS Development Organization
LAST MODIFIED: 2018/04/10