Lucene search
K

32 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 7:48 p.m.58 views

Security Bulletin: IBM Security Network Intrusion Prevention System is affected by krb5 vulnerabilities (CVE-2014-4341, CVE-2013-1418 )

Summary Security vulnerabilities have been discovered in krb5 used with IBM Security Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-4341 DESCRIPTION: MIT Kerberos is vulnerable to a denial of service, caused by a NULL pointer dereference. By injecting invalid tokens into a...

5CVSS6.6AI score0.07138EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2014:0989-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.6AI score0.07138EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/11 12:0 a.m.26 views

F5 Networks BIG-IP : MIT Kerberos 5 vulnerability (K15552)

MIT Kerberos 5 aka krb5 before 1.12.2 allows remote attackers to cause a denial of service buffer over-read and application crash by injecting invalid tokens into a GSSAPI application session. CVE-2014-4341 Impact A remote attacker may be able to cause a denial of service DoS by injecting invalid...

5CVSS7.4AI score0.07138EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.31 views

Oracle: Security Advisory (ELSA-2014-1245)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.07138EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.27 views

Oracle: Security Advisory (ELSA-2014-1389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.6AI score0.08085EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.23 views

Amazon Linux: Security Advisory (ALAS-2014-443)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.6AI score0.08085EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/03/10 12:0 a.m.35 views

Fedora Update for krb5 FEDORA-2015-2382

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.7AI score0.08085EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.32 views

RedHat Update for krb5 RHSA-2015:0439-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.5AI score0.08085EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/05 12:0 a.m.34 views

RHEL 7 : krb5 (RHSA-2015:0439)

Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

9CVSS7.3AI score0.08085EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2015/02/26 12:0 a.m.36 views

FreeBSD : krb5 1.11 -- New release/fix multiple vulnerabilities (dbf9e66c-bd50-11e4-a7ba-206a8a720317)

The MIT Kerberos team announces the availability of MIT Kerberos 5 Release 1.11.6 : Handle certain invalid RFC 1964 GSS tokens correctly to avoid invalid memory reference vulnerabilities. CVE-2014-4341 Fix memory management vulnerabilities in GSSAPI SPNEGO. CVE-2014-4343 CVE-2014-4344 Fix buffer...

9CVSS6.8AI score0.08085EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/02/25 12:0 a.m.35 views

krb5 1.11 -- New release/fix multiple vulnerabilities

The MIT Kerberos team announces the availability of MIT Kerberos 5 Release 1.11.6: Handle certain invalid RFC 1964 GSS tokens correctly to avoid invalid memory reference vulnerabilities. CVE-2014-4341 Fix memory management vulnerabilities in GSSAPI SPNEGO. CVE-2014-4343 CVE-2014-4344 Fix buffer...

9CVSS8.1AI score0.08085EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/11/18 12:0 a.m.34 views

Amazon Linux AMI : krb5 (ALAS-2014-443)

It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418 , CVE-2013-6800 A NULL pointer...

8.5CVSS7.1AI score0.08085EPSS
Exploits0References8
Amazon
Amazon
added 2014/11/11 12:0 a.m.33 views

Medium: krb5

Issue Overview: It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418, CVE-2013-6800 A NU...

8.5CVSS7.7AI score0.08085EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/14 12:0 a.m.50 views

Scientific Linux Security Update : krb5 on SL5.x i386/x86_64 (20140916)

It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418, CVE-2013-6800 A NULL pointer...

7.8CVSS6.9AI score0.07138EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/10/14 12:0 a.m.38 views

RHEL 6 : krb5 (RHSA-2014:1389)

Updated krb5 packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

8.5CVSS7.1AI score0.08085EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2014/09/18 12:0 a.m.41 views

Oracle Linux 5 : krb5 (ELSA-2014-1245)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1245 advisory. - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 - fix what appears to be a cosmetic error in the patch...

7.8CVSS7.1AI score0.07138EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2014/09/17 12:0 a.m.48 views

krb5 security and bug fix update

1.6.1-78.el5 - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344, 1121509 1.6.1-77.el5 - fix what appears to be a cosmetic error in the patch for self-tests for CVE-2014-4341 1.6.1-76.el5 - run the backported self-tests, such as they are, for CVE-2014-4341...

7.8CVSS1.3AI score0.07138EPSS
Exploits0
IBM AIX
IBM AIX
added 2014/08/28 3:15 a.m.56 views

Multiple Security vulnerabilities in IBM NAS

IBM SECURITY ADVISORY First Issued : Thu Aug 28 03:15:00 CDT 2014 | Updated: Fri Sep 5 01:11:34 CDT 2014 | Update: The same ifix with a packaging change has been added in | Update: "A. FIXES" section. The most recent version of this document is available here:...

7.8CVSS6.4AI score0.07138EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/08/27 12:0 a.m.30 views

Fedora Update for krb5 FEDORA-2014-9305

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.6AI score0.08085EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2014/08/15 12:0 a.m.27 views

Fedora Update for krb5 FEDORA-2014-9315

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.6AI score0.08085EPSS
Exploits1References2
Rows per page
Query Builder