502 matches found
Important: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to...
Critical: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to...
Debian DSA-1276-1 : krb5 - several vulnerabilities
Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0956 It...
krb5 security update
CentOS Errata and Security Advisory CESA-2007:0095 Updated krb5 packages that fix a number of issues are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers...
[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.4
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords...
[SECURITY] Fedora Core 6 Update: krb5-1.5-21
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords...
[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.3
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords...
[SECURITY] Fedora Core 6 Update: krb5-1.5-13
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords...
Debian DSA-757-1 : krb5 - buffer overflow, double-free memory
Daniel Wachdorf reported two problems in the MIT krb5 distribution used for network authentication. First, the KDC program from the krb5-kdc package can corrupt the heap by trying to free memory which has already been freed on receipt of a certain TCP connection. This vulnerability can cause the...
[SECURITY] [DSA 757-1] New krb5 packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA 757-1 [email protected] http://www.debian.org/security/ Michael Stone July 17, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function
Overview An unauthenticated attacker can cause krb5recvauth function to free a block of memory twice, possibly leading to arbitrary code execution. Description Kerberos is a network authentication system that uses a trusted third party a KDC to authenticate clients and servers to each other. It i...
MIT Kerberos 5 allows unauthenticated attacker to cause MIT krb5 Key Distribution Center to overflow a heap buffer by one byte
Overview Unauthenticated attacker can cause MIT krb5 Key Distribution Center KDC to overflow a heap buffer by one byte, possibly leading to arbitrary code execution. Description Kerberos is a network authentication system which uses a trusted third party a KDC to authenticate clients and servers ...
APG Technology ClassMaster - Unauthorized Folder Access
source: https://www.securityfocus.com/bid/13604/info ClassMaster is reportedly affected by a vulnerability that may allow attackers to gain unauthorized access to users' folders. An attacker is able to gain complete access to user shares over a network without providing any sort of authentication...
DEBIAN-CVE-2005-0096
Memory leak in the NTLM fakeauthauth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service memory consumption...
DEBIAN-CVE-2005-0097
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via a malformed NTLM type 3 message that triggers a NULL dereference...
[SA12694] AIX Network Authentication Service Multiple Vulnerabilities
TITLE: AIX Network Authentication Service Multiple Vulnerabilities SECUNIA ADVISORY ID: SA12694 VERIFY ADVISORY: http://secunia.com/advisories/12694/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: From remote OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ SOFTWARE: IBM...
DEBIAN-CVE-2004-0541
Buffer overflow in the ntlmcheckauth NTLM authentication function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password "pass" variable...
Mandrake Linux Security Advisory : krb5 (MDKSA-2003:043-1)
Multiple vulnerabilities have been found in the Kerberos network authentication system. The MIT Kerberos team have released an advisory detailing these vulnerabilities, a description of which follows. An integer signedness error in the ASN.1 decoder before version 1.2.5 allows remote attackers to...
RHEL 2.1 : krb5 (RHSA-2003:052)
Updated kerberos packages fix a number of vulnerabilities found in MIT Kerberos. Kerberos is a network authentication system. The MIT Kerberos team released an advisory describing a number of vulnerabilities that affect the kerberos packages shipped by Red Hat. An integer signedness error in the...
Vulnerabilities in KTH Kerberos IV
OVERVIEW Kerberos is a network authentication protocol which by using secret-key cryptography provides authentication over insecure networks. There are at least two common free Kerberos implementations: MIT and KTH Royal Institute of Techology, Sweden. The latter is included in OpenBSD and FreeBS...