26 matches found
Oracle Linux 5 : Important: / krb5 (ELSA-2007-0562)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0562 advisory. 1.3.4-49 - add patch to fix buffer overflow in kadmind 239073, CVE-2007-2798 1.3.4-48 - add patch to fix buffer overflow and double-free in rpc library...
Scientific Linux Security Update : krb5 on SL3.x i386/x86_64
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash or potentially execute arbitrary code as root. CVE-2007-2442 David Coffey also discovered an...
Scientific Linux Security Update : krb5 on SL5.x, SL4.x, SL3.x i386/x86_64
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. On Scientific Linux 4 and 5, glibc detects attempts to free invalid pointers. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. CVE-2007-2442...
HP-UX PHSS_41167 : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02544 SSRT100107 rev.1)
s700800 11.23 KRB5-Client Version 1.0 Cumulative patch : Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service DoS or to execute arbitrary code. %NASLMINLEVEL 70300 ...
Mandriva Update for krb5 MDKSA-2007:137 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:137 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Ubuntu: Security Advisory (USN-477-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for krb5 FEDORA-2007-0740
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for krb5 FEDORA-2007-620
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE Update for krb5 SUSE-SA:2007:038
Check for the Version of krb5 OpenVAS Vulnerability Test $Id: gbsuse2007038.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for krb5 SUSE-SA:2007:038 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...
Gentoo Security Advisory GLSA 200707-11 (mit-krb5)
The remote host is missing updates announced in advisory GLSA 200707-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian: Security Advisory (DSA-1323-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS / 6.10 / 7.04 : krb5 vulnerabilities (USN-477-1)
Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. CVE-2007-2442 Wei Wang discovered...
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...
Debian DSA-1323-1 : krb5 - several vulnerabilities
Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2442 We...
USN-477-1: krb5 vulnerabilities
Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. CVE-2007-2442 Wei Wang discovered...
Mandrake Linux Security Advisory : krb5 (MDKSA-2007:137)
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code CVE-2007-2442. David Coffey also discovered an overflow flaw...
CVE-2007-2798
Stack-based buffer overflow in the renameprincipal2svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal...
CVE-2007-2798
CVE-2007-2798 : Stack-based buffer overflow in the kadmind rename_principal_2_svc function of MIT Kerberos (krb5) 1.5.3, 1.6.1 and related builds. An authenticated remote attacker could execute arbitrary code by sending a crafted request to rename a principal. Connected advisories (MiracleLinux A...
Critical: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to...
Important: krb5 security update
1.3.4-49 - add patch to fix buffer overflow in kadmind 239073, CVE-2007-2798 1.3.4-48 - add patch to fix buffer overflow and double-free in rpc library 239073, CVE-2007-2442/CVE-2007-2443...