Environment
Novell Modular Authentication Service (NMAS)
Novell Open Enterprise Server 2 (OES 2) Linux
Novell Open Enterprise Server (NetWare 6.5)
Novell Open Enterprise Server 2 (OES 2) Linux
Novell Open Enterprise Server (NetWare 6.5)
Situation
As per the disclosed facts in MITKRB5-SA-2009-003 [CVE-2009-3295] OES2 is not vulnerable.
Novell KDC in OES2 is based on MIT KDC version 1.6.2 and the vulnerability is in MIT krb5-1.7.
Novell KDC in OES2 is based on MIT KDC version 1.6.2 and the vulnerability is in MIT krb5-1.7.
Resolution
N/A
Status
Security AlertAdditional Information
MIT announcement:
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-003.txt
CVE: CVE-2009-3295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3295
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-003.txt
CVE: CVE-2009-3295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3295