Lucene search
K

27 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.48 views

K16441: MIT Kerberos 5 vulnerability CVE-2014-9423

Security Advisory Description The svcauthgssacceptseccontext function in lib/rpc/svcauthgss.c in MIT Kerberos 5 aka krb5 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive...

5CVSS7.8AI score0.0389EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2015:0257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.2AI score0.06213EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2015:0290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS6.9AI score0.06213EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.26 views

SUSE: Security Advisory for krb5 (SUSE-SU-2015:0290-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7AI score0.06213EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.35 views

SUSE: Security Advisory for krb5 (SUSE-SU-2015:0257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.6AI score0.06213EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.34 views

Oracle: Security Advisory (ELSA-2015-0439)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS6.7AI score0.08085EPSS
Exploits0References2
IBM AIX
IBM AIX
added 2015/05/21 5:6 a.m.213 views

Multiple Security vulnerabilities in IBM NAS(kerberos)

IBM SECURITY ADVISORY First Issued : Thu May 21 05:06:05 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/nasadvisory3.asc https://aix.software.ibm.com/aix/efixes/security/nasadvisory3.asc...

9CVSS7.9AI score0.06213EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.39 views

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2015:0290-2)

MIT kerberos krb5 was updated to fix several security issues and bugs. Security issues fixed: CVE-2014-5351: The kadm5randkeyprincipal3 function in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 sent old keys in a response to a -randkey -keepold request, which allowed remote...

9CVSS6.8AI score0.06213EPSS
Exploits0References14
F5 Networks
F5 Networks
added 2015/04/15 12:0 a.m.46 views

SOL16441 - MIT Kerberos 5 vulnerability CVE-2014-9423

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...

5CVSS3.4AI score0.0389EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/03/13 12:0 a.m.38 views

Fedora Update for krb5 FEDORA-2015-2347

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.9AI score0.06213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/10 12:0 a.m.32 views

Fedora 20 : krb5-1.11.5-18.fc20 (2015-2382)

Security fix for CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423 Security fix for CVE-2014-5351 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...

9CVSS7AI score0.06213EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2015/03/10 12:0 a.m.35 views

Fedora Update for krb5 FEDORA-2015-2382

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.7AI score0.08085EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.32 views

RedHat Update for krb5 RHSA-2015:0439-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.5AI score0.08085EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/05 12:0 a.m.35 views

RHEL 7 : krb5 (RHSA-2015:0439)

Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

9CVSS7.3AI score0.08085EPSS
Exploits0References21
FreeBSD
FreeBSD
added 2015/02/20 12:0 a.m.34 views

krb5 1.12 -- New release/fix multiple vulnerabilities

The MIT Kerberos team announces the availability of MIT Kerberos 5 Release 1.12.3: Fix multiple vulnerabilities in the LDAP KDC back end. CVE-2014-5354 CVE-2014-5353 Fix multiple kadmind vulnerabilities, some of which are based in the gssrpc library. CVE-2014-5352 CVE-2014-5352 CVE-2014-9421...

9CVSS7.3AI score0.06213EPSS
Exploits0References1
CVE
CVE
added 2015/02/19 11:0 a.m.101 views

CVE-2014-9423

CVE-2014-9423 affects MIT Kerberos 5 (krb5) in lib/rpc/svc_auth_gss.c, code paths in krb5 1.11.x (1.11.0–1.11.5), 1.12.x (1.12.0–1.12.2), and 1.13.x prior to 1.13.1. The issue transmits uninitialized interposer data to clients, allowing remote attackers to obtain sensitive information from a proc...

5CVSS5.9AI score0.0389EPSS
Exploits0References13Affected Software1
ArchLinux
ArchLinux
added 2015/02/17 12:0 a.m.45 views

krb5: multiple issues

CVE-2014-5352 authenticated remote code execution: In the MIT krb5 libgssapikrb5 library, after gssprocesscontexttoken is used to process a valid context deletion token, the caller is left with a security context handle containing a dangling pointer. Further uses of this handle will result in...

9CVSS1.7AI score0.06213EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2015/02/12 12:0 a.m.24 views

openSUSE Security Update : krb5 (openSUSE-2015-128)

krb5 was updated to fix five security issues. These security issues were fixed : - CVE-2014-5351: current keys returned when randomizing the keys for a service principal bnc897874 - CVE-2014-5352: An authenticated attacker could cause a vulnerable application including kadmind to crash or to...

9CVSS7.4AI score0.06213EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2015/02/12 12:0 a.m.30 views

SuSE 11.3 Security Update : krb5 (SAT Patch Number 10282)

krb5 has been updated to fix four security issues : - gssprocesscontexttoken incorrectly frees context bsc912002. CVE-2014-5352 - kadmind doubly frees partial deserialization results bsc912002. CVE-2014-9421 - kadmind incorrectly validates server principal name bsc912002. CVE-2014-9422 - libgssrp...

9CVSS7.6AI score0.06213EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.29 views

Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2498-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2498-1 advisory. It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this iss...

9CVSS7.6AI score0.06213EPSS
Exploits0References8
Rows per page
Query Builder