Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2024-0253
HistoryJul 03, 2024 - 7:36 p.m.

Updated krb5 packages fix security vulnerabilities

2024-07-0319:36:28
Gentoo Foundation
advisories.mageia.org
5
krb5 packages
security vulnerabilities
plaintext extra count
gss krb5 wrap token
truncated
invalid memory reads
gss message token handling
cve-2024-37370
cve-2024-37371
unix

7.2 High

AI Score

Confidence

Low

JSON

Before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. (CVE-2024-37370) Before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. (CVE-2024-37371)

OSVersionArchitecturePackageVersionFilename
Mageia9noarchkrb5< 1.20.1-1.2krb5-1.20.1-1.2.mga9

Related

openvas 3
nessus 6
osv 1
alpinelinux 2
veracode 2
nvd 2
vulnrichment 1
redhatcve 2
ubuntucve 2
cvelist 2
cve 2
debiancve 2
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2300-1)
2024-07-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2303-1)
2024-07-05 00:00:00
Mageia: Security Advisory (MGASA-2024-0253)
2024-07-04 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : krb5 (SUSE-SU-2024:2302-1)
2024-07-05 00:00:00
SUSE SLES15 Security Update : krb5 (SUSE-SU-2024:2303-1)
2024-07-05 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : krb5 (SUSE-SU-2024:2307-1)
2024-07-06 00:00:00
osv
osv
krb5 - security update
2024-07-05 00:00:00
alpinelinux
alpinelinux
CVE-2024-37371
2024-06-28 23:15:11
CVE-2024-37370
2024-06-28 22:15:02
veracode
veracode
Plaintext Modification
2024-07-01 11:00:24
Denial Of Service (DoS)
2024-07-01 11:46:03
nvd
nvd
CVE-2024-37371
2024-06-28 23:15:11
CVE-2024-37370
2024-06-28 22:15:02
vulnrichment
vulnrichment
CVE-2024-37370
2024-06-28 00:00:00
redhatcve
redhatcve
CVE-2024-37371
2024-06-28 05:08:51
CVE-2024-37370
2024-06-28 05:08:57
ubuntucve
ubuntucve
CVE-2024-37370
2024-06-28 00:00:00
CVE-2024-37371
2024-06-28 00:00:00
cvelist
cvelist
CVE-2024-37370
2024-06-28 00:00:00
CVE-2024-37371
2024-06-28 00:00:00
cve
cve
CVE-2024-37370
2024-06-28 22:15:02
CVE-2024-37371
2024-06-28 23:15:11
debiancve
debiancve
CVE-2024-37370
2024-06-28 22:15:02
CVE-2024-37371
2024-06-28 23:15:11

7.2 High

AI Score

Confidence

Low

JSON
Related for MGASA-2024-0253
openvas3nessus6osv1alpinelinux2veracode2nvd2vulnrichment1redhatcve2ubuntucve2cvelist2cve2debiancve2