Oracle Solaris Third-Party Patch Update : kerberos (cve_2010_1322_improper_input)

The remote Solaris system is missing necessary patches to address security updates : - The mergeauthdata function in kdcauthdata.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remot...

openSUSE Security Update : krb5 (openSUSE-SU-2010:1053-1)

Multiple remote vulnerabilities in the MIT krb5 package have been fixed. They affect client as well as server software. CVE-2010-1323, CVE-2010-1324,CVE-2010-4020 and CVE-2010-4021 have been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Oracle Linux 6 : krb5 (ELSA-2011-0200)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0200 advisory. - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using th...

Gentoo Security Advisory GLSA 201201-13 (mit-krb5)

The remote host is missing updates announced in advisory GLSA 201201-13. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Fedora Update for krb5 FEDORA-2011-14650

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)

This host is missing an important security update according to Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001. OpenVAS Vulnerability Test $Id: secpodmacosxsu11-001.nasl 7015 2017-08-28 11:51:24Z teissa $ Mac OS X v10.6.6 Multiple Vulnerabilities 2011-001 Authors: Antu Sanadi Copyright:...

openSUSE Security Update : krb5 (openSUSE-SU-2010:1053-1)

Multiple remote vulnerabilities in the MIT krb5 package have been fixed. They affect client as well as server software. CVE-2010-1323, CVE-2010-1324,CVE-2010-4020 and CVE-2010-4021 have been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

openSUSE Security Update : krb5 (openSUSE-SU-2010:1053-1)

Multiple remote vulnerabilities in the MIT krb5 package have been fixed. They affect client as well as server software. CVE-2010-1323, CVE-2010-1324,CVE-2010-4020 and CVE-2010-4021 have been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Fedora Update for krb5 FEDORA-2011-5345

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0007 Synopsis: VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console Iss...

VMSA-2011-0007 : VMware ESXi and ESX Denial of Service and third-party updates for Likewise components and ESX Service Console

a. ESX/ESXi Socket Exhaustion By sending malicious network traffic to an ESXi or ESX host an attacker could exhaust the available sockets which would prevent further connections to the host. In the event a host becomes inaccessible its virtual machines will continue to run and have network...

Fedora Update for krb5 FEDORA-2011-1225

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

krb5 security update

1.8.2-3.4 - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, 671101 1.8.2-3.3 - pull up crypto changes made between 1.8.2 and 1.8.3 t...

FreeBSD Ports: krb5

The remote host is missing an update to the system as announced in the referenced advisory. VID 1d193bba-03f6-11e0-bf50-001a926c7637 OpenVAS Vulnerability Test $ Description: Auto generated from VID 1d193bba-03f6-11e0-bf50-001a926c7637 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Ubuntu Update for krb5 vulnerabilities USN-1030-1

Ubuntu Update for Linux kernel vulnerabilities USN-1030-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10301.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for krb5 vulnerabilities USN-1030-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Fedora Update for krb5 FEDORA-2010-18409

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 14 : krb5-1.8.2-7.fc14 (2010-18409)

This update incorporates the upstream patches to correct bugs outlined in MITKRB5-SA-2010-007 CVE-2010-1323, CVE-2010-1324, and CVE-2010-4020. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

CVE-2010-4020

MIT Kerberos 5 aka krb5 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a 1 AD-SIGNEDPATH or 2 AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte...

CVE-2010-4020

MIT Kerberos 5 aka krb5 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a 1 AD-SIGNEDPATH or 2 AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte...

CVE-2010-4020

MIT Kerberos 5 aka krb5 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a 1 AD-SIGNEDPATH or 2 AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte...