14 matches found
Oracle Linux 4 : mod_auth_kerb (ELSA-2006-0746)
From Red Hat Security Advisory 2006:0746 : Updated modauthkerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. modauthkerb is...
Gentoo Security Advisory GLSA 200701-14 (mod_auth_kerb)
The remote host is missing updates announced in advisory GLSA 200701-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
[SECURITY] [DSA 1247-1] New libapache-mod-auth-kerb packages fix remote denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1247-1 [email protected] http://www.debian.org/security/ Noah Meyerhans January 08, 2007 - ------------------------------------------------------------------------ Package :...
Low mod_auth_kerb security update
5.0-1.3.el4 - add fix for CVE-2006-5989 Nalin Dahyabhai, 216482...
CentOS 4 : mod_auth_kerb (CESA-2006:0746)
Updated modauthkerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. modauthkerb is module for the Apache HTTP Server designed to...
RHEL 4 : mod_auth_kerb (RHSA-2006:0746)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2006:0746 advisory. modauthkerb is module for the Apache HTTP Server designed to provide Kerberos authentication over HTTP. An off by one flaw was found in the way...
mod_auth_kerb security update
CentOS Errata and Security Advisory CESA-2006:0746 Updated modauthkerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. modauthke...
Low: Red Hat Security Advisory: mod_auth_kerb security update
Updated modauthkerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. modauthkerb is module for the Apache HTTP Server designed to...
[ MDKSA-2006:218 ] - Updated apache-mod_auth_kerb packages fixes DoS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:218 http://www.mandriva.com/security/ Package : apache-modauthkerb Date : November 23, 2006 Affected: Corporate 4.0 Problem Description: An off-by-one error in the dergetoid function in modauthkerb 5.0 allow...
CVE-2006-5989
Off-by-one error in the dergetoid function in modauthkerb 5.0 allows remote attackers to cause a denial of service crash via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array...
CVE-2006-5989
Off-by-one error in the dergetoid function in modauthkerb 5.0 allows remote attackers to cause a denial of service crash via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array...
CVE-2006-5989
Off-by-one error in the dergetoid function in modauthkerb 5.0 allows remote attackers to cause a denial of service crash via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array...
CVE-2006-5989
CVE-2006-5989 arises from an off-by-one bug in the der_get_oid() handling within mod_auth_kerb 5.0, causing a heap-based buffer overflow in the component array. Multiple advisories (Debian DSA-1247-1, Gentoo GLSA-200701-14, Fedora 2006-1341) describe that a crafted Kerberos message could crash th...
CVE-2006-5989
Off-by-one error in the dergetoid function in modauthkerb 5.0 allows remote attackers to cause a denial of service crash via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array...