35 matches found
K16443: MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
Security Advisory Description CVE-2014-9421 The authgssapiunwrapdata function in lib/rpc/authgssapimisc.c in MIT Kerberos 5 aka krb5 through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cau...
Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Kerberos
Summary IBM has provided explicit mitigation for the following Kerberos CVEs. DataPower did not previously provide the conditions necessary to exploit these CVEs. The explicit mitigations provided here protect against possible future changes that might have made them exploitable. Vulnerability...
SUSE: Security Advisory (SUSE-SU-2015:0257-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422)
Summary IBM Security Network Protection uses Kerberos krb5 to provide network authentication. The Kerberos krb5 version that is shipped with IBM Security Network Protection contains multiple security vulnerabilities. Vulnerability Details CVE-ID: CVE-2014-5352 Description: MIT krb5 could allow a...
SUSE: Security Advisory for krb5 (SUSE-SU-2015:0290-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory for krb5 (SUSE-SU-2015:0257-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-0794)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-0439)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Multiple Security vulnerabilities in IBM NAS(kerberos)
IBM SECURITY ADVISORY First Issued : Thu May 21 05:06:05 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/nasadvisory3.asc https://aix.software.ibm.com/aix/efixes/security/nasadvisory3.asc...
SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2015:0290-2)
MIT kerberos krb5 was updated to fix several security issues and bugs. Security issues fixed: CVE-2014-5351: The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 sent old keys in a response to a -randkey -keepold request, which allowed remote...
RedHat Update for krb5 RHSA-2015:0794-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 6 : krb5 (CESA-2015:0794)
Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available fo...
krb5 security update
1.10.3-37 - fix for CVE-2014-5355 1193939 'krb5: unauthenticated denial of service in recvauthcommon and others' 1.10.3-36 - fix for CVE-2014-5353 1174543 'Fix LDAP misused policy name crash' 1.10.3-35 - Changelog fixes to make errata subsystem happy. 1.10.3-34 - fix for CVE-2014-5352 1179856...
RHEL 6 : krb5 (RHSA-2015:0794)
Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available fo...
Oracle Linux 7 : krb5 (ELSA-2015-0439)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0439 advisory. - fix for CVE-2014-5352 1179856 'gssprocesscontexttoken incorrectly frees context MITKRB5-SA-2015-001' - fix for CVE-2014-9421 1179857 'kadmind doubly...
Fedora Update for krb5 FEDORA-2015-2347
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : krb5-1.11.5-18.fc20 (2015-2382)
Security fix for CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423 Security fix for CVE-2014-5351 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...
Fedora Update for krb5 FEDORA-2015-2382
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for krb5 RHSA-2015:0439-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...