15 matches found
Gentoo Security Advisory GLSA 201201-13 (mit-krb5)
The remote host is missing updates announced in advisory GLSA 201201-13. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
MIT Kerberos KDC Cross Realm Referral Denial of Service (CVE-2009-3295)
Kerberos is a protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. A denial of service vulnerability has been reported in MIT's Kerberos. The vulnerability is due to a NULL pointer dereference in the KDC...
Fedora Update for krb5 FEDORA-2010-8805
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for krb5 FEDORA-2010-7130
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for krb5 FEDORA-2010-4677
Check for the Version of krb5 OpenVAS Vulnerability Test Fedora Update for krb5 FEDORA-2010-4677 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for krb5 FEDORA-2010-4677
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for krb5 FEDORA-2010-1722
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 12 : krb5-1.7-15.fc12 (2009-13539)
This update incorporates the upstream patches to fix CVE-2009-3295, a remotely- triggerable crash in the KDC. This update also addresses some packaging bugs, makes changes to the PAM support in ksu, and backports a change which allows GSSAPI acceptors to store delegated Kerberos credentials in...
SuSE Update for krb5 SUSE-SA:2010:006
Check for the Version of krb5 OpenVAS Vulnerability Test SuSE Update for krb5 SUSE-SA:2010:006 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
openSUSE Security Update : krb5 (krb5-1795)
Specially crafted AES and RC4 packets could allow unauthenticated remote attackers to trigger an integer overflow leads to heap memory corruption CVE-2009-4212. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
openSUSE Security Update : krb5 (krb5-1792)
Specially crafted ticket requests could crash the kerberos server CVE-2009-3295. Specially crafted AES and RC4 packets could allow unauthenticated remote attackers to trigger an integer underflow that leads to heap memory corruption CVE-2009-4212. %NASLMINLEVEL 70300 C Tenable Network Security,...
Fedora Update for krb5 FEDORA-2009-13539
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2009-3295
The prepreprocessreq function in kdc/dotgsreq.c in the cross-realm referral implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a ticket request...
CVE-2009-3295
CVE-2009-3295 : In MIT Kerberos 5, the prep_reprocess_req function in kdc/do_tgs_req.c of the cross-realm referral KDC allows remote attackers to trigger a NULL pointer dereference, causing a denial of service (daemon crash). Affected: MIT Kerberos 5 up to version 1.7.x prior to 1.7.1. Root cause...
MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-realm referral processing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2009-003 MIT krb5 Security Advisory 2009-003 Original release: 2009-12-28 Last update: 2009-12-28 Topic: KDC denial of service in cross-realm referral processing CVE-2009-3295 KDC denial of service in cross-realm referral processing CVSSv2...