24 matches found
Solaris 10 (sparc) : 123809-02
SunOS 5.10: rpcsecgss patch. Date this patch was last updated by Sun : Jun/25/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Oracle Linux 5 : Important: / krb5 (ELSA-2007-0562)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0562 advisory. 1.3.4-49 - add patch to fix buffer overflow in kadmind 239073, CVE-2007-2798 1.3.4-48 - add patch to fix buffer overflow and double-free in rpc library...
Scientific Linux Security Update : krb5 on SL3.x i386/x86_64
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash or potentially execute arbitrary code as root. CVE-2007-2442 David Coffey also discovered an...
Scientific Linux Security Update : krb5 on SL5.x, SL4.x, SL3.x i386/x86_64
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. On Scientific Linux 4 and 5, glibc detects attempts to free invalid pointers. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. CVE-2007-2442...
HP-UX PHSS_41167 : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02544 SSRT100107 rev.1)
s700800 11.23 KRB5-Client Version 1.0 Cumulative patch : Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service DoS or to execute arbitrary code. %NASLMINLEVEL 70300 ...
Mandriva Update for krb5 MDKSA-2007:137 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:137 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Ubuntu: Security Advisory (USN-477-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for krb5 FEDORA-2007-2066
Check for the Version of krb5 OpenVAS Vulnerability Test Fedora Update for krb5 FEDORA-2007-2066 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for krb5 FEDORA-2007-0740
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for krb5 FEDORA-2007-620
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200707-11 (mit-krb5)
The remote host is missing updates announced in advisory GLSA 200707-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian: Security Advisory (DSA-1323-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS / 6.10 / 7.04 : krb5 vulnerabilities (USN-477-1)
Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. CVE-2007-2442 Wei Wang discovered...
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...
Solaris 10 (sparc) : 123809-02
SunOS 5.10: rpcsecgss patch. Date this patch was last updated by Sun : Jun/25/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom...
Debian DSA-1323-1 : krb5 - several vulnerabilities
Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2442 We...
USN-477-1: krb5 vulnerabilities
Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. CVE-2007-2442 Wei Wang discovered...
Mandrake Linux Security Advisory : krb5 (MDKSA-2007:137)
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code CVE-2007-2442. David Coffey also discovered an overflow flaw...
CVE-2007-2442
The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...
CVE-2007-2442
CVE-2007-2442 affects MIT Kerberos 5 (krb5) RPC library. In krb5 1.6.1 and earlier, the function gssrpc__svcauth_gssapi can mishandle a zero-length RPC credential, causing kadmind to free an uninitialized pointer during cleanup. This remote flaw could enable arbitrary code execution on vulnerable...