Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2014-5351

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13 sends old keys in a response to a -randkey...

2.1CVSS6.7AI score0.02616EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.13 views

RHEL 5 : krb5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5: kadmind doubly frees partial deserialization results MITKRB5-SA-2015-001 CVE-2014-9421 - krb5:...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2014-0477)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS6.5AI score0.02616EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2015:0290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS6.9AI score0.06213EPSS
Exploits0References6
Debian
Debian
added 2018/01/31 5:6 p.m.31 views

[SECURITY] [DLA 1265-1] krb5 security update

Package : krb5 Version : 1.10.1+dfsg-5+deb7u9 CVE ID : CVE-2013-1418 CVE-2014-5351 CVE-2014-5353 CVE-2014-5355 CVE-2016-3119 CVE-2016-3120 Debian Bug : 728845 762479 773226 778647 819468 832572 Kerberos, a system for authenticating users and services on a network, was affected by several...

6.5CVSS7.3AI score0.39969EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.26 views

SUSE: Security Advisory for krb5 (SUSE-SU-2015:0290-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7AI score0.06213EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.39 views

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2015:0290-2)

MIT kerberos krb5 was updated to fix several security issues and bugs. Security issues fixed: CVE-2014-5351: The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 sent old keys in a response to a -randkey -keepold request, which allowed remote...

9CVSS6.8AI score0.06213EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2015/03/10 12:0 a.m.32 views

Fedora 20 : krb5-1.11.5-18.fc20 (2015-2382)

Security fix for CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423 Security fix for CVE-2014-5351 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...

9CVSS7AI score0.06213EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2015/03/10 12:0 a.m.35 views

Fedora Update for krb5 FEDORA-2015-2382

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.7AI score0.08085EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/02/12 12:0 a.m.24 views

openSUSE Security Update : krb5 (openSUSE-2015-128)

krb5 was updated to fix five security issues. These security issues were fixed : - CVE-2014-5351: current keys returned when randomizing the keys for a service principal bnc897874 - CVE-2014-5352: An authenticated attacker could cause a vulnerable application including kadmind to crash or to...

9CVSS7.4AI score0.06213EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.29 views

Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2498-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2498-1 advisory. It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this iss...

9CVSS7.6AI score0.06213EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2015/02/11 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-2498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8AI score0.06213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/27 12:0 a.m.44 views

AIX NAS Advisory : nas_advisory2.asc

The version of the Network Authentication Service NAS installed on the remote AIX host is affected by a vulnerability related to Kerberos 5 which allows authenticated users to retrieve current keys, which can be used to forge tickets. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text ...

2.1CVSS6.8AI score0.02616EPSS
Exploits0References3
IBM AIX
IBM AIX
added 2015/01/20 4:42 a.m.195 views

AIX NAS vulnerability

IBM SECURITY ADVISORY First Issued:Tue Jan 20 04:42:45 CST 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/nasadvisory2.asc https://aix.software.ibm.com/aix/efixes/security/nasadvisory2.asc...

2.1CVSS6.3AI score0.02616EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/23 12:0 a.m.30 views

Mandriva Linux Security Advisory : krb5 (MDVSA-2014:224)

Updated krb5 packages fix security vulnerability : The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by...

2.1CVSS6.8AI score0.02616EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/11/13 12:0 a.m.15 views

SuSE 11.3 Security Update : krb5 (SAT Patch Number 9827)

This update for krb5 fixes the following issues : - When randomizing the keys for a service principal, current keys could be returned. CVE-2014-5351 - klist -s crashes when handling multiple referral entries. bnc890623 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

2.1CVSS6.7AI score0.02616EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2014/10/31 12:0 a.m.36 views

Security fix for the ALT Linux 8 package krb5 version 1.13-alt1

Oct. 31, 2014 Alexey Shabalin 1.13-alt1 - 1.13 - fixed CVE-2014-5351 - move header from /usr/include/krb5 to /usr/include - drop kdcrotate service - update krb5.conf: + add logging example + add realms example + add domainrealm example + define defaultccachename as KEYRING:persistent:%uid...

2.1CVSS6.5AI score0.02616EPSS
Exploits0
ALT Linux
ALT Linux
added 2014/10/31 12:0 a.m.19 views

Security fix for the ALT Linux 7 package krb5 version 1.13-alt1

Oct. 31, 2014 Alexey Shabalin 1.13-alt1 - 1.13 - fixed CVE-2014-5351 - move header from /usr/include/krb5 to /usr/include - drop kdcrotate service - update krb5.conf: + add logging example + add realms example + add domainrealm example + define defaultccachename as KEYRING:persistent:%uid...

2.1CVSS6.5AI score0.02616EPSS
Exploits0
ALT Linux
ALT Linux
added 2014/10/31 12:0 a.m.23 views

Security fix for the ALT Linux 9 package krb5 version 1.13-alt1

Oct. 31, 2014 Alexey Shabalin 1.13-alt1 - 1.13 - fixed CVE-2014-5351 - move header from /usr/include/krb5 to /usr/include - drop kdcrotate service - update krb5.conf: + add logging example + add realms example + add domainrealm example + define defaultccachename as KEYRING:persistent:%uid...

2.1CVSS6.5AI score0.02616EPSS
Exploits0
OSV
OSV
added 2014/10/10 1:55 a.m.11 views

CVE-2014-5351

The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access...

6.1AI score
Exploits0References15
Rows per page
Query Builder