Astra Linux - уязвимость в heimdal, krb5

PAC parsing in MIT Kerberos 5 also known as krb5 before versions 1.19.4 and 1.20.x before version 1.20.1 contains integer overflows that may lead to remote code execution in the KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms. This results in a heap-based buffer overflow...

JLSEC-2026-91

PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...

MiracleLinux 8 : krb5-1.18.2-22.el8 (AXSA:2022-4355:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4355:04 advisory. krb5: integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : krb5-1.15.1-55.el7 (AXSA:2022-4203:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4203:03 advisory. krb5: integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : krb5-1.19.1-24.el9 (AXSA:2023-4928:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4928:02 advisory. krb5: integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the MiracleLinux...

TencentOS Server 3: krb5 (TSSA-2022:0230)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0230 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-42898)

PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...

USN-7582-2: Samba regression

USN-7582-1 fixed vulnerabilities in Samba. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker...

USN-7582-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Greg Hudson discovered that Samba incorrectly handled PAC parsing. On...

USN-7582-1 samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Greg Hudson discovered that Samba incorrectly handled PAC parsing. On...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-7582-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7582-1 advisory. Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could...

krb5 security update

1.15.1-55.0.3 - Length check when parsing GSS token encapsulation Orabug: 36927256 - Add a simple DER support header Orabug: 36927256 - Fix vulnerabilities in GSS message token handling Orabug: 36927256 1.15.1-55.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 1.15.1-55 -...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2024-2273)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for krb5 (SUSE-SU-2023:0198-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2023-0102)

The remote NewStart CGSL host, running version MAIN 5.04, has krb5 packages installed that are affected by multiple vulnerabilities: - The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c via a FAST inne...

EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2023-2434)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to...

EulerOS Virtualization 3.0.6.6 : krb5 (EulerOS-SA-2023-2426)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code...

CLSA-2023-1689701119 Fix CVE(s): CVE-2021-3738, CVE-2022-42898

SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch SECURITY UPDATE:...

krb5: integer overflow vulnerabilities in PAC parsing

A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service t...

EulerOS Virtualization 3.0.6.0 : krb5 (EulerOS-SA-2023-2222)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code...