Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2016-3120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when...

6.5CVSS6.3AI score0.0462EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2016:2136-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.0462EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.45 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2016-1076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.19 views

Photon OS 1.0: Krb5 PHSA-2017-0021

An update of the krb5 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0021. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121701;...

6.5CVSS6.5AI score0.0462EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:34 a.m.28 views

Security Bulletin: Vulnerabilities in krb5 affect PowerKVM (CVE-2016-3119, CVE-2016-3120)

Summary PowerKVM is affected by vulnerabilities in MIT Kerberos krb5. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3120 DESCRIPTION: MIT Kerberos is vulnerable to a denial of service, caused by a NULL pointer dereference in the validateasrequest function. By...

6.5CVSS2.6AI score0.39969EPSS
Exploits0Affected Software1
Debian
Debian
added 2018/01/31 5:6 p.m.31 views

[SECURITY] [DLA 1265-1] krb5 security update

Package : krb5 Version : 1.10.1+dfsg-5+deb7u9 CVE ID : CVE-2013-1418 CVE-2014-5351 CVE-2014-5353 CVE-2014-5355 CVE-2016-3119 CVE-2016-3120 Debian Bug : 728845 762479 773226 778647 819468 832572 Kerberos, a system for authenticating users and services on a network, was affected by several...

6.5CVSS7.3AI score0.39969EPSS
Exploits0
ALT Linux
ALT Linux
added 2017/04/13 12:0 a.m.106 views

Security fix for the ALT Linux 7 package krb5 version 1.13.7-alt0.M70P.1

1.13.7-alt0.M70P.1 built April 13, 2017 Evgeny Sinelnikov in task 180726 March 24, 2017 Evgeny Sinelnikov - Update to supported security release Fixes: CVE-2014-5355, CVE-2015-2694, CVE-2015-2695, CVE-2015-2696, CVE-2015-2698, CVE-2015-2697, CVE-2015-8629, CVE-2015-8630, CVE-2015-8631,...

8.5CVSS6.8AI score0.39969EPSS
Exploits0
ALT Linux
ALT Linux
added 2017/02/15 12:0 a.m.29 views

Security fix for the ALT Linux 9 package krb5 version 1.14.4-alt1.S1

Feb. 15, 2017 Evgeny Sinelnikov 1.14.4-alt1.S1 - 1.14.4 - fixed CVE-2016-3120...

4CVSS6.8AI score0.0462EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/02/07 12:0 a.m.37 views

Amazon Linux AMI : krb5 (ALAS-2017-793)

A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a NULL pointer and crash by supplying an empty DB argument to the modifyprincipal command, if kadmin...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References3
Amazon
Amazon
added 2017/02/06 12:0 a.m.44 views

Low: krb5

Issue Overview: A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a null pointer and crash by supplying an empty DB argument to the modifyprincipal...

6.5CVSS6.4AI score0.39969EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/12/15 12:0 a.m.24 views

Scientific Linux Security Update : krb5 on SL7.x x86_64 (20161103)

The following packages have been upgraded to a newer upstream version: krb5 1.14.1. Security Fixes : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereferen...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/11/28 12:0 a.m.39 views

CentOS 7 : krb5 (CESA-2016:2591)

An update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/11/11 12:0 a.m.34 views

Oracle Linux 7 : krb5 (ELSA-2016-2591)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2591 advisory. - Fix CVE-2016-3120 - Fix CVE-2016-3119 LDAP NULL dereference Tenable has extracted the preceding description block directly from the Oracle Linux...

6.5CVSS6.6AI score0.39969EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2016/11/09 12:0 a.m.27 views

krb5 security, bug fix, and enhancement update

1.14.1-26 - Use responder in non-preauth AS reqs - Resolves: 1363690 1.14.1-25 - Fix bad debuglog call in selinux handling - Resolves: 1292153 1.14.1-24 - Fix KKDCPP with TLS SNI by always presenting 'Host:' header - Resolves: 1364993 1.14.1-23 - Add dependency on libkadm5 to krb5-devel - Resolve...

6.5CVSS0.1AI score0.39969EPSS
Exploits0
OSV
OSV
added 2016/09/16 9:27 a.m.7 views

MGASA-2016-0306 Updated krb5 packages fix security vulnerability

The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service NULL pointer dereference a...

6.5CVSS6.2AI score0.0462EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/09/09 12:0 a.m.22 views

openSUSE Security Update : krb5 (openSUSE-2016-1065)

This update for krb5 fixes the following issues : - CVE-2016-3120: KDC NULL pointer Dereference Denial Of Service Vulnerability bsc991088 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

6.5CVSS6.6AI score0.0462EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/09/07 12:0 a.m.30 views

Fedora Update for krb5 FEDORA-2016-f405b25923

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.0462EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/09/02 12:0 a.m.27 views

Fedora 23 : krb5 (2016-f405b25923)

Bump version to 1.14.3 for the convenience of those needing the SNI fix. ---- Require krb5 to set the 'Host:' header when speaking KKDCPP. This fixes use of TLS with SNI. ---- Fix low-impact CVE-2016-3120 where S4U2Self may cause KDC crash when anon is restricted Note that Tenable Network Securit...

6.5CVSS6.7AI score0.0462EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/09/02 12:0 a.m.31 views

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2016:2136-1)

This update for krb5 fixes the following issues : - CVE-2016-3120: KDC NULL pointer Dereference Denial Of Service Vulnerability bsc991088 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatical...

6.5CVSS6.7AI score0.0462EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/09/02 12:0 a.m.25 views

Fedora 23 : krb5 (2016-4a36663643)

Misc samba and sssd-related bugfixes. ---- Bump version to 1.14.3 for the convenience of those needing the SNI fix. ---- Require krb5 to set the 'Host:' header when speaking KKDCPP. This fixes use of TLS with SNI. ---- Fix low-impact CVE-2016-3120 where S4U2Self may cause KDC crash when anon is...

6.5CVSS6.7AI score0.0462EPSS
Exploits0References2
Rows per page
Query Builder