5 matches found
Gentoo Security Advisory GLSA 200803-31 (mit-krb5)
The remote host is missing updates announced in advisory GLSA 200803-31. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200803-31 (mit-krb5)
The remote host is missing updates announced in advisory GLSA 200803-31. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4852)
This update fixes multiple vulnerabilities in krb5. It's unlikely that those vulnerabilities can actually be exploited. CVE-2007-5894 / CVE-2007-5902 / CVE-2007-5971 / CVE-2007-5972 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
CVE-2007-5894
MIT Kerberos 5 (krb5) is affected by CVE-2007-5894 and related issues (CVE-2007-5902, CVE-2007-5971, CVE-2007-5972) as described in multiple advisories. The core item in CVE-2007-5894 concerns an uninitialized length variable in the gssftp ftpd handling (krb5’s GSSAPI/KDC stack), with vendor note...