15 matches found
MiracleLinux 3 : krb5-1.6.1-36.AXS3.2 (AXSA:2010-210:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-210:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...
Scientific Linux Security Update : krb5 on SL5.x i386/x86_64
A use-after-free flaw was discovered in the MIT Kerberos administration daemon, kadmind. A remote, authenticated attacker could use this flaw to crash the kadmind daemon. Administrative privileges are not required to trigger this flaw, as any realm user can request information about their own...
Gentoo Security Advisory GLSA 201201-13 (mit-krb5)
The remote host is missing updates announced in advisory GLSA 201201-13. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
SuSE 11 Security Update : krb5 (SAT Patch Number 2235)
Authenticated users could crash the kadmind process by referencing freed memory CVE-2010-0629. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...
Fedora 11 : krb5-1.6.3-29.fc11 (2010-6108)
Sol Jerome noticed that the kadmind server daemon could be made to dereference freed memory and crash. This update backports the changeset which contains the fix for this bug CVE-2010-0629. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
RHEL 5 : krb5 (RHSA-2010:0343)
Updated krb5 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
openSUSE Security Update : krb5 (openSUSE-SU-2010:0099-1)
Authenticated users could crash the kadmind process by referencing freed memory CVE-2010-0629. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update krb5-2267. The text description of this plugin is...
openSUSE Security Update : krb5 (openSUSE-SU-2010:0099-1)
Authenticated users could crash the kadmind process by referencing freed memory CVE-2010-0629. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update krb5-2267. The text description of this plugin is...
[SECURITY] [DSA 2031-1] New krb5 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2031-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano April 11, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2031-1] New krb5 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2031-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano April 11, 2010 http://www.debian.org/security/faq -...
krb5 security and bug fix update
1.6.1-36.el55.3 - add upstream patch to fix a few use-after-free bugs, including one in kadmind CVE-2010-0629, 578185 1.6.1-36.el55.2 - pull changes to libkrb5 to properly handle and chase off-path referrals back from 1.7 574387...
CVE-2010-0629
Use-after-free vulnerability in kadmin/server/serverstubs.c in kadmind in MIT Kerberos 5 aka krb5 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service daemon crash via a request from a kadmin client that sends an invalid API version number...
CVE-2010-0629
CVE-2010-0629 describes a use-after-free in the MIT Kerberos 5 kadmind component (server_stubs.c) that can allow a remote authenticated user to crash kadmind, causing a denial of service. The affected range is MIT Kerberos 5 1.5 through 1.6.3. The vulnerability is triggered by a kadmin client sen...
USN-924-1: Kerberos vulnerabilities
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. CVE-2010-0629 It was discovered that Kerberos did not correctly free memory ...
MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2010-003 MIT krb5 Security Advisory 2010-003 Original release: 2010-04-06 Last update: 2010-04-06 Topic: denial of service in kadmind in older krb5 releases CVE-2010-0629 denial of service in kadmind in older krb5 releases CVSSv2 Vector:...