Environment
Novell Modular Authentication Service (NMAS)
Novell Open Enterprise Server 2 (OES 2)
Novell Open Enterprise Server (Linux based)
Novell Open Enterprise Server (NetWare based)
Novell Open Enterprise Server 2 (OES 2)
Novell Open Enterprise Server (Linux based)
Novell Open Enterprise Server (NetWare based)
Situation
MITKRB5-SA-2009-002 - CVE-2009-0846 has been fixed in the following Open Enterprise Server rpoducts:
- NKDC (novell-kerberos-base 1.5-32.4) in OES2. (NKDC was discontinued in OES2 SP1 and beyond, so only fixed in SP0.)
- Kerberos functionality (novell-xad-krb5 1.6.4842-0.4.1) in Domain Services for Windows OES2 SP1. (DSfW first appeared in OES2 SP1, and didn't exist in earlier releases of OES.)
Status
Security AlertBug Number
491146
492387
Additional Information
Details on CVE-2009-0846 should be reviewed @ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846