Fedora 14 : samba-3.5.8-74.fc14 (2011-3118)

Tue Mar 8 2011 Guenther Deschner - 3.5.8-74 - Update to 3.5.8 - resolves: 596830 - Thu Mar 3 2011 Guenther Deschner - 3.5.7-73 - Security update to 3.5.7 to address CVE-2011-0719 - resolves: 681852 - Thu Jan 6 2011 Guenther Deschner - 3.5.6-72 - Fix GSSAPI checksum for some SMB servers -...

Fedora 13 : krb5-1.7.1-7.fc13 (2010-4608)

A GSSAPI-authenticated service could be remotely forced to trigger an assertion failure by sending it certain invalid messages MITKRB5-SA-2010-002, CVE-2010-0628. The included patch for adding PAM support to the bundled FTP server contained a bug which would cause the service to crash if a client...

Fedora 12 : krb5-1.7.1-6.fc12 (2010-4677)

A GSSAPI-authenticated service could be remotely forced to trigger an assertion failure by sending it certain invalid messages MITKRB5-SA-2010-002, CVE-2010-0628. The included patch for adding PAM support to the bundled FTP server contained a bug which would cause the service to crash if a client...

Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 : krb5 vulnerabilities (USN-940-1)

It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Only Ubuntu 6.06 LTS was affected. CVE-2007-5902,...

USN-940-1: Kerberos vulnerabilities

It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Only Ubuntu 6.06 LTS was affected. CVE-2007-5902,...

Novell NetMail 3.52d - IMAP (Authenticated) Buffer Overflow (Metasploit)

$Id: novellnetmailauth.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Ubuntu Update for krb5 vulnerabilities USN-924-1

Ubuntu Update for Linux kernel vulnerabilities USN-924-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9241.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for krb5 vulnerabilities USN-924-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

USN-924-1: Kerberos vulnerabilities

Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. CVE-2010-0629 It was discovered that Kerberos did not correctly free memory ...

Security fix for the ALT Linux 6 package fetchmail version 6.3.14-alt1

March 27, 2010 Andrey Rahmatullin 6.3.14-alt1 - 6.3.14 + CVE-2010-0562: heap overrun in verbose SSL cert' info display - package COPYING - remove Packager: - fix buildreqs - fix configure warnings about GSSAPI headers - fix using optflags...

Security fix for the ALT Linux 5 package fetchmail version 6.3.14-alt1

March 27, 2010 Andrey Rahmatullin 6.3.14-alt1 - 6.3.14 + CVE-2010-0562: heap overrun in verbose SSL cert' info display - package COPYING - remove Packager: - fix buildreqs - fix configure warnings about GSSAPI headers - fix using optflags...

DEBIAN-CVE-2010-0628

The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...

Fedora 12 : krb5-1.7-15.fc12 (2009-13539)

This update incorporates the upstream patches to fix CVE-2009-3295, a remotely- triggerable crash in the KDC. This update also addresses some packaging bugs, makes changes to the PAM support in ksu, and backports a change which allows GSSAPI acceptors to store delegated Kerberos credentials in...

CentOS 5 : krb5 (CESA-2008:0164)

Updated krb5 packages that resolve several issues and fix multiple bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and serve...

Novell NetMail <=3.52d IMAP AUTHENTICATE Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Novell NetMa...

SLES10: Security update for cyrus-sasl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain cyrus-sasl-sqlauxprop More details may...

SLES11: Security update for cyrus-sasl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain More details may also be found by searching for the SuSE...

SLES9: Security update for cyrus-sasl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain For more information, please visit the...

Mandriva Linux Security Advisory : krb5 (MDVSA-2008:070)

A memory management flaw was found in the GSSAPI library used by Kerberos that could result in an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code CVE-2007-5971. A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4...

Mandriva Linux Security Advisory : krb5 (MDVSA-2008:069)

Multiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code CVE-2007-5901, CVE-2007-5971. A flaw was...

Fedora 10 : krb5-1.6.3-18.fc10 (2009-2852)

This update incorporates patches to fix potential read overflow and NULL pointer dereferences in the implementation of the SPNEGO GSSAPI mechanism CVE-2009-0844, CVE-2009-0845, attempts to free an uninitialized pointer during protocol parsing CVE-2009-0846, and a bug in length validation during...