Novell Open Enterprise Server: MITKRB5-SA-2011-002 [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]

  • 7008008
  • 28-Feb-2011
  • 27-Apr-2012

Environment

Novell Open Enterprise Server 2 (OES 2) Linux

Situation

As per the disclosed facts in MITKRB5-SA-2011-002 [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283] no services in OES2 are vulnerable.

Resolution

N/A

Additional Information

Details of MITKRB5-SA-2011-002 can be found @ http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt

Domain Services for Windows (DSfw) is the only component shipping Kerberos in OES2.  The Kerberos version in DSfw is V1.6.3.

Other components like Novell DNS (from OES) uses Kerberos libraries that are delivered by the DSfw component, so patching DSfw should will always suffice.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.