58 matches found
Amazon Linux 2 : krb5 (ALAS-2022-1845)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1845 advisory. A flaw was found in krb5. MIT Kerberos 5 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
RHEL 8 : Red Hat Virtualization Host security update [ovirt-4.4.6] (Moderate) (RHSA-2021:2239)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2239 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
NewStart CGSL MAIN 6.02 : krb5 Vulnerability (NS-SA-2022-0057)
The remote NewStart CGSL host, running version MAIN 6.02, has krb5 packages installed that are affected by a vulnerability: - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c...
AlmaLinux 8 : krb5 (ALSA-2021:1593)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1593 advisory. - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...
Security Bulletin: Vulnerability in MIT Kerberos 5 (CVE-2020-28196) affects HMC
Summary MIT Kerberos 5 krb5 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-28196 DESCRIPTION: MIT Kerberos 5 aka krb5 is vulnerable to a denial of service, caused by an unbounded recursion flaw in...
CVE-2020-28196 affecting package krb5 1.17-4
CVE-2020-28196 affecting package krb5 1.17-4. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-2141)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : krb5 (EulerOS-SA-2021-2141)
According to the version of the krb5 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because...
Oracle Linux 7 : krb5 (ELSA-2021-9294)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9294 advisory. 1.15.1-50.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 Tenable has extracted the preceding description block directly from the Oracle...
SUSE: Security Advisory (SUSE-SU-2020:3377-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : krb5 (ELSA-2021-1593)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1593 advisory. - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 Tenable has extracted the preceding description block directly from the Oracle Linux security...
krb5 security update
1.18.2-8 - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 - Resolves: 1906492 1.18.2-7 - Document -k option in kvno1 synopsis - Resolves: 1869055 1.18.2-6 - Enable MD5 override for FIPS RADIUS - Resolves: 1872689 1.18.2-5.2 - Unify kvno option documentation - Resolves: 1869055...
CentOS 8 : krb5 (CESA-2021:1593)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1593 advisory. - krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1encode.c may lead to DoS CVE-2020-28196 Note that Nessus has not tested...
Moderate: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
RLSA-2021:1593 Moderate: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
Oracle MySQL Server 8.0 <= 8.0.23 Security Update (cpuapr2021) - Windows
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
SUSE: Security Advisory (SUSE-SU-2020:3375-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3379-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : krb5 (EulerOS-SA-2021-1685)
According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1685)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...