14 matches found
Oracle: Security Advisory (ELSA-2014-1245)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1389)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2014-443)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : krb5 (ALAS-2014-443)
It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418 , CVE-2013-6800 A NULL pointer...
Medium: krb5
Issue Overview: It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418, CVE-2013-6800 A NU...
SOL15785 - Kerberos vulnerability CVE-2013-6800
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...
krb5 security and bug fix update
1.10.3-33 - actually apply that last patch 1.10.3-32 - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1128157 1.10.3-31 - ksu: when evaluating .k5users, don't throw away data from .k5users when we're not passed a command to run, which implicitly means we're attempting to run the target...
RHEL 6 : krb5 (RHSA-2014:1389)
Updated krb5 packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
Scientific Linux Security Update : krb5 on SL5.x i386/x86_64 (20140916)
It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418, CVE-2013-6800 A NULL pointer...
Oracle Linux 5 : krb5 (ELSA-2014-1245)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1245 advisory. - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 - fix what appears to be a cosmetic error in the patch...
Fedora Update for krb5 FEDORA-2014-9305
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for krb5 FEDORA-2013-21786
Check for the Version of krb5 OpenVAS Vulnerability Test Fedora Update for krb5 FEDORA-2013-21786 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for krb5 FEDORA-2013-21786
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-6800
CVE-2013-6800 affects MIT Kerberos v5 (krb5) 1.10.x when the KDC serves multiple realms. The vulnerability is a NULL pointer dereference in setup_server_realm() that can be triggered by a crafted request, causing a DoS/daemon crash by remote authenticated users. Public notices in Debian (DLA-1265...