Linux Distros Unpatched Vulnerability : CVE-2017-15088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to...

BELL-CVE-2017-15088 CVE-2017-15088 does not affect BellSoft software

Bulletin has no description...

Mageia: Security Advisory (MGASA-2017-0420)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2018-1240)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2018-1007)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 1.0: Krb5 PHSA-2017-1.0-0093

An update of the krb5 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-1.0-0093. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121779;...

EulerOS 2.0 SP3 : krb5 (EulerOS-SA-2018-1398)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - null dereference in kadmind or DN container check bypass by supplying special crafted data CVE-2018-5729 - DN container check bypass by supplying...

EulerOS 2.0 SP1 : krb5 (EulerOS-SA-2018-1007)

According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote...

Fedora 27 : krb5 (2017-2dd6c320a4)

Fix CVE-2017-15088 Buffer overflow in getmatchingdata ---- Remove build dependency on python-pyrad. It is only used on the test suite, and we gracefully skip the tests if it is not present. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

CVE-2017-15088

plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...

CVE-2017-15088

plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...

CVE-2017-15088

CVE-2017-15088 affects MIT Kerberos 5 (krb5) up to version 1.15.2, where the code path plugins/preauth/pkinit/pkinit_crypto_openssl.c mishandles DN fields. The issue can allow a remote attacker to trigger arbitrary code execution or cause a denial of service (buffer overflow/app crash) in scenari...

openSUSE Security Update : krb5 (openSUSE-2017-1266)

This update for krb5 fixes the following securitz issue - CVE-2017-15088: A buffer overflow in getmatchingdata was fixed that could under specific circumstances be used to execute code bsc1065274 This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenabl...

openSUSE: Security Advisory for krb5 (openSUSE-SU-2017:2993-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2017:2948-1)

This update for krb5 fixes the following issues: Security issues fixed : - CVE-2017-15088: A buffer overflow in getmatchingdata was fixed that could under specific circumstances be used to execute code bsc1065274 Note that Tenable Network Security has extracted the preceding description block...

SUSE-SU-2017:2948-1 Security update for krb5

This update for krb5 fixes the following issues: Security issues fixed: - CVE-2017-15088: A buffer overflow in getmatchingdata was fixed that could under specific circumstances be used to execute code bsc1065274...