Lucene search
GoogleOSV:DSA-3153-1HistoryFeb 03, 2015 - 12:00 a.m.
krb5 - security update
2015-02-0300:00:00
Google
osv.dev
12
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
86.5%
Multiple vulnerabilities have been found in krb5, the MIT
implementation of Kerberos:
- CVE-2014-5352
Incorrect memory management in the libgssapi_krb5 library might
result in denial of service or the execution of arbitrary code. - CVE-2014-9421
Incorrect memory management in kadmind’s processing of XDR data
might result in denial of service or the execution of arbitrary code. - CVE-2014-9422
Incorrect processing of two-component server principals might result
in impersonation attacks. - CVE-2014-9423
An information leak in the libgssrpc library.
For the stable distribution (wheezy), these problems have been fixed in
version 1.10.1+dfsg-5+deb7u3.
For the unstable distribution (sid), these problems have been fixed in
version 1.12.1+dfsg-17.
We recommend that you upgrade your krb5 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| krb5 | eq | 1.10.1+dfsg-5 | |
| krb5 | eq | 1.10.1+dfsg-5+deb7u1 | |
| krb5 | eq | 1.10.1+dfsg-5+deb7u2 |
References
Related
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt3
2015-02-08 00:00:00
debian
debian
[SECURITY] [DSA 3153-1] krb5 security update
2015-02-03 20:50:06
[SECURITY] [DLA 146-1] krb5 security update
2015-02-07 10:52:32
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-03 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2015-02-15 18:57:20
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0257-1)
2021-06-09 00:00:00
Debian Security Advisory DSA 3153-1 (krb5 - security update)
2015-02-03 00:00:00
SUSE: Security Advisory for krb5 (SUSE-SU-2015:0257-1)
2015-10-13 00:00:00
nessus
nessus
suse
suse
Security update for krb5 (important)
2015-02-11 18:08:30
Security update for krb5 (important)
2015-02-16 14:05:49
Security update for krb5 (important)
2015-02-16 15:04:57
securityvulns
securityvulns
MIT Kerberos 5 multiple security vulnerabilities
2015-02-11 00:00:00
ibm
ibm
osv
osv
krb5 - security update
2015-02-07 00:00:00
aix
aix
Multiple Security vulnerabilities in IBM NAS(kerberos)
2015-05-21 05:06:05
fedora
fedora
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
[SECURITY] Fedora 20 Update: krb5-1.11.5-18.fc20
2015-03-09 08:18:34
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00
f5
f5
K16443 : MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
2015-04-15 00:00:00
SOL16443 - MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
2015-04-15 00:00:00
K16441 : MIT Kerberos 5 vulnerability CVE-2014-9423
2015-04-15 00:00:00
oraclelinux
oraclelinux
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:13:02
Privilege Escalation
2019-05-02 05:13:02
Denial Of Service (DoS)
2019-01-15 09:05:33
centos
centos
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-03-17 13:28:30
amazon
amazon
Medium: krb5
2015-05-05 15:44:00
redhat
redhat
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
cve
cve
attackerkb
attackerkb
Microsoft Internet Explorer Use-After-Free Vulnerability
2014-10-15 00:00:00
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
86.5%
Related for OSV:DSA-3153-1