PT-2001-1046 · Mit+2 · Krb5-Devel+9
Riley Hassell · Published 2001-08-02 · Updated 2020-01-21
CVE-2003-0028
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
glibc versions 2.1.3 through 2.2.4
krb5-workstation versions 1.1.1 through 1.2.7
krb5-server versions 1.1.1 through 1.2.7
krb5-devel versions 1.1.1 through 1.2.7
krb5-libs versions 1.1.1 through 1.2.7
krb5 versions 1.1.1 through 1.2.7
glibc-common version 2.2.4
glibc-profile versions 2.1.3 through 2.2.4
glibc-devel versions 2.1.3 through 2.2.4
Description
This issue covers multiple vulnerabilities in several packages of the Red Hat Linux operating system, including glibc and krb5. The vulnerabilities stem from integer overflows in certain functions, which can allow remote attackers to execute arbitrary code. Because they can be exploited remotely, they may lead to a breach of the confidentiality, integrity, and availability of protected information.
Recommendations
For glibc versions 2.1.3 through 2.2.4, update to a version that is not affected by the vulnerability.
For krb5-workstation versions 1.1.1 through 1.2.7, update to a version that is not affected by the vulnerability.
For krb5-server versions 1.1.1 through 1.2.7, update to a version that is not affected by the vulnerability.
For krb5-devel versions 1.1.1 through 1.2.7, update to a version that is not affected by the vulnerability.
For krb5-libs versions 1.1.1 through 1.2.7, update to a version that is not affected by the vulnerability.
For krb5 versions 1.1.1 through 1.2.7, update to a version that is not affected by the vulnerability.
For glibc-common version 2.2.4, update to a version that is not affected by the vulnerability.
For glibc-profile versions 2.1.3 through 2.2.4, update to a version that is not affected by the vulnerability.
For glibc-devel versions 2.1.3 through 2.2.4, update to a version that is not affected by the vulnerability.
As a temporary workaround, consider restricting access to the vulnerable functions until a patch is available.
Affected Products
Red Hat
Glibc
Glibc-Common
Glibc-Devel
Glibc-Profile
Krb5
Krb5-Devel
Krb5-Libs
Krb5-Server
Krb5-Workstation