708 matches found
CVE-2017-2659
It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts...
CVE-2017-2659
CVE-2017-2659 affects dropbear prior to 2013.59, where GSSAPI authentication failures are incorrectly counted toward the maximum password attempts when an invalid username is supplied. This leaks whether a username is valid or invalid during authentication, exposing a side channel that can aid cr...
openSUSE Security Update : python-paramiko (openSUSE-2019-129)
This update for python-paramiko to version 2.4.2 fixes the following issues : Security issue fixed : - CVE-2018-1000805: Fixed an authentication bypass in authhandler.py bsc1111151 Non-security issue fixed : - Disable experimental gssapi support bsc1115769 This update was imported from the...
Security update for python-paramiko (important)
openSUSE Security Update: Security update for python-paramiko Announcement ID: openSUSE-SU-2019:0129-1 Rating: important References: 1111151 1115769 1121846 Cross-References: CVE-2018-1000805 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has two fixes is now...
SUSE-SU-2019:0174-1 Security update for python-paramiko
This update for python-paramiko to version 2.4.2 fixes the following issues: Security issue fixed: - CVE-2018-1000805: Fixed an authentication bypass in authhandler.py bsc1111151 Non-security issue fixed: - Disable experimental gssapi support bsc1115769...
Privilege Escalation
389-ds-base is vulnerable to privilege escalation attacks. The vulnerability exists as the SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bi...
CVE-2018-15919
OpenSSH server was found to respond differently to failed GSSAPI authentication attempts when the target user existed versus when that user did not exist. A remote attacker could use this bug to test for the existence of particular usernames on a target system. Mitigation If GSSAPI Authentication...
Fedora 27 : openssh (2017-96d1995b70)
This update provides new upstream release OpenSSH 7.6 with several bug fixes and new features, including CVE-2017-15906, compatibility with WinSCP, improvement for PAM stack, enablement for s390x sandbox, new GSSAPI key exchange methods and improvement of handling kerberos tickets. Note that...
F5 Networks BIG-IP : MIT Kerberos 5 vulnerability (K15552)
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session (CVE-2014-4341). Impact: A remote attacker may be able to cause a denial of service (DoS) by injecting invalid...
Man In The Middle (MitM)
paramiko is vulnerable to man-in-the-middle MitM attacks. These attacks are possible on the ssh client when gsskey=True, the server doesn't support gssapi-keyex and doesn't give any or no host key...
git security and bug fix update
1.8.3.1-11 - disallow repo names beginning with dash Resolves: CVE-2017-8386 -1.8.3.1-10 - do not put unsanitized branch names in Resolves: CVE-2014-9938 -1.8.3.1-9 - add control of GSSAPI credential delegation to enable HTTPS-SSO authentication Resolves: 1369173 1.8.3.1-8 - remove needless check ...
Fedora Update for globus-gssapi-gsi FEDORA-2017-0eea793538
The remote host is missing an update for the ...
Fedora 26 : globus-ftp-client / globus-gass-cache-program / globus-gass-copy / etc (2017-0eea793538)
globus-ftp-client - Adapt to Perl 5.26 - POSIX::tmpnam no longer available - Remove some redundant tests to reduce test time globus-gass-cache-program - GT6 update globus-gass-copy - Don't attempt sshftp data protection without creds 9.24 - Checksum verification based on contribution from IBM 9.2...
[SECURITY] Fedora 26 Update: globus-gssapi-gsi-12.17-1.fc26
The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for thei...
Fedora 25 : globus-ftp-client / globus-gass-cache-program / globus-gass-copy / etc (2017-7591a8e2c9)
globus-ftp-client - Adapt to Perl 5.26 - POSIX::tmpnam no longer available - Remove some redundant tests to reduce test time globus-gass-cache-program - GT6 update globus-gass-copy - Don't attempt sshftp data protection without creds 9.24 - Checksum verification based on contribution from IBM 9.2...
Fedora 24 : globus-ftp-client / globus-gass-cache-program / globus-gass-copy / etc (2017-5f8ebbd2b1)
globus-ftp-client - Adapt to Perl 5.26 - POSIX::tmpnam no longer available - Remove some redundant tests to reduce test time globus-gass-cache-program - GT6 update globus-gass-copy - Don't attempt sshftp data protection without creds 9.24 - Checksum verification based on contribution from IBM 9.2...
[SECURITY] Fedora 25 Update: globus-gssapi-gsi-12.16-1.fc25
The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for thei...
[SECURITY] Fedora 24 Update: globus-gssapi-gsi-12.16-1.fc24
The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for thei...
Fedora Update for globus-gssapi-gsi FEDORA-2017-5f8ebbd2b1
The remote host is missing an update for the ...