Lucene search
+L

128 matches found

OpenVAS
OpenVAS
added 2009/04/15 12:0 a.m.21 views

Fedora Core 9 FEDORA-2009-2834 (krb5)

The remote host is missing an update to krb5 announced via advisory FEDORA-2009-2834. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

10CVSS7.4AI score0.08898EPSS
Exploits3References5
Debian
Debian
added 2009/04/09 1:33 a.m.38 views

[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA-1766-1 [email protected] http://www.debian.org/security/ Nico Golde April 9th, 2009 http://www.debian.org/security/faq -...

10CVSS8.1AI score0.08898EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2009/04/09 12:30 a.m.36 views

CVE-2009-0846

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...

10CVSS7.5AI score0.08898EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/04/09 12:0 a.m.39 views

openSUSE 10 Security Update : krb5 (krb5-6139)

Clients sending negotiation requests with invalid flags could crash the kerberos server CVE-2009-0845. GSS-API clients could crash when reading from an invalid address space CVE-2009-0844. Invalid length checks could crash applications using the kerberos ASN.1 parser CVE-2009-0847. Under certain...

10CVSS7.8AI score0.08898EPSS
Exploits3References4
CVE
CVE
added 2009/04/09 12:0 a.m.127 views

CVE-2009-0846

The CVE-2009-0846 issue is in MIT Kerberos 5 (krb5) before 1.6.4. The ASN.1 GeneralizedTime decoder’s asn1_decode_generaltime function triggers a free of an uninitialized pointer when processing invalid DER encoding, enabling a remote attacker to cause a denial of service (daemon crash) or possib...

10CVSS7.5AI score0.08898EPSS
Exploits0References50Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/04/08 12:0 a.m.33 views

RHEL 4 : krb5 (RHSA-2009:0409)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2009:0409 advisory. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted...

10CVSS7.1AI score0.08898EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2009/04/08 12:0 a.m.16 views

RHEL 2.1 / 3 : krb5 (RHSA-2009:0410)

Updated krb5 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authentica...

10CVSS7.5AI score0.08898EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2009/04/08 12:0 a.m.32 views

RHEL 5 : krb5 (RHSA-2009:0408)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0408 advisory. - krb5: buffer over-read in SPNEGO GSS-API mechanism MITKRB5-SA-2009-001 CVE-2009-0844 - krb5: NULL pointer dereference in GSSAPI SPNEGO...

10CVSS7.7AI score0.08898EPSS
Exploits3References10
Cent OS
Cent OS
added 2009/04/07 7:40 p.m.69 views

krb5 security update

CentOS Errata and Security Advisory CESA-2009:0410 Updated krb5 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication...

10CVSS7.4AI score0.08898EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2009/04/07 6:45 p.m.36 views

Important: Red Hat Security Advisory: krb5 security update

Updated krb5 packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to...

10CVSS7AI score0.08898EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2009/04/07 12:0 a.m.34 views

krb5 security update

1.6.1-31.el53.3 - update to revised patch for CVE-2009-0844/CVE-2009-0845 1.6.1-31.el53.2 - add fix for potential buffer read overrun in the SPNEGO GSSAPI mechanism 490635, CVE-2009-0844 - add fix for NULL pointer dereference when handling certain error cases in the SPNEGO GSSAPI mechanism 490635...

10CVSS1.7AI score0.08898EPSS
Exploits3
CVE
CVE
added 2008/02/20 9:0 p.m.45 views

CVE-2008-0846

CVE-2008-0846 is a SQL injection vulnerability in Joomla!’s com_profile component (index.php) that allows remote attackers to supply an oid parameter to execute arbitrary SQL commands. The description across multiple trusted sources confirms the same flaw and parameter. The NVD entry lists the af...

7.5CVSS8.4AI score0.00907EPSS
Exploits1References2Affected Software2
NVD
NVD
added 2007/02/08 6:28 p.m.17 views

CVE-2007-0846

Cross-site scripting XSS vulnerability in forum.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter...

6.8CVSS5.8AI score0.01786EPSS
Exploits1References5
CVE
CVE
added 2007/02/08 6:0 p.m.54 views

CVE-2007-0846

CVE-2007-0846 is an XSS vulnerability in Open Tibia Server CMS (OTSCMS) ≤ 2.1.5, exploitable via the name parameter in forum.php. The underlying issue is improper input handling that allows arbitrary HTML/script injection, enabling an attacker to influence pages viewed by other users. The CVSS ba...

6.8CVSS5.8AI score0.01786EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/02/08 6:0 p.m.28 views

CVE-2007-0846

Cross-site scripting XSS vulnerability in forum.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter...

5.8AI score0.01786EPSS
Exploits1References5
CVE
CVE
added 2006/02/22 2:0 a.m.43 views

CVE-2006-0846

CVE-2006-0846 affects Leif M. Wright’s Blog 3.5. Multiple XSS vulnerabilities allow remote attackers to inject arbitrary scripts via the Referer and User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator views the Log page (ViewCommentsLog). Root cause: l...

4.3CVSS5.7AI score0.0118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/03/24 5:0 a.m.45 views

CVE-2005-0846

CVE-2005-0846 affects NetWin SurgeMail 2.2g3 and describes multiple XSS vulnerabilities in the email auto-reply message, exploitable via the (1) message subject or (2) message header field to inject arbitrary web script/HTML. Exploitation details are not provided beyond this, but a remediation is...

4.3CVSS5.8AI score0.01833EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2004/10/16 4:0 a.m.87 views

CVE-2004-0846

Microsoft Excel is affected by CVE-2004-0846 due to a buffer overflow from improper validation of certain records/parameters in Excel files. The vulnerability affects Excel 2000, Excel 2002, Excel 2001 for Mac, and Excel v.X for Mac; Excel 2004 for Mac and Office 2003/XP SP3 are not affected. An ...

7.5CVSS7.5AI score0.28348EPSS
Exploits0References9Affected Software2
NVD
NVD
added 2003/11/17 5:0 a.m.19 views

CVE-2003-0846

SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .javawrapper temporary file...

4.6CVSS6.3AI score0.00368EPSS
Exploits0References2
CVE
CVE
added 2003/10/09 4:0 a.m.62 views

CVE-2003-0846

CVE-2003-0846 affects SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro. The issue enables local users to overwrite arbitrary files via a symlink attack on the temporary file .java_wrapper, indicating a local elevation/impact on file integrity. The CVSS metrics in the initial entry...

4.6CVSS6.7AI score0.00368EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder