26 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in MIT Kerberos 5 aka krb5 allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts o...
RHEL 5 : krb5 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5: kadmind doubly frees partial deserialization results MITKRB5-SA-2015-001 CVE-2014-9421 - krb5:...
RHEL 5 : krb5 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5: Automatic sec context deletion could lead to double-free CVE-2017-11462 - The processdbargs functio...
Mageia: Security Advisory (MGASA-2017-0420)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2659-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : krb5 (EulerOS-SA-2020-1192)
According to the versions of the krb5 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Double free vulnerability in MIT Kerberos 5 aka krb5 allows attackers to have unspecified impact via vectors involving...
Security Bulletin: IBM MQ Appliance is affected by an MIT Kerberos 5 vulnerability (CVE-2017-11462)
Summary IBM MQ Appliance has addressed the following MIT Kerberos 5 aka krb5 vulnerability. Vulnerability Details CVEID: CVE-2017-11462 DESCRIPTION: Double free vulnerability in MIT Kerberos 5 aka krb5 allows attackers to have unspecified impact via vectors involving automatic deletion of securit...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2019-1848)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2019-2162)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2019-2058)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : krb5 (EulerOS-SA-2019-2162)
According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Double free vulnerability in MIT Kerberos 5 aka krb5 allows attackers to have unspecified impact via vectors involving automatic deletion of security...
Security Bulletin: IBM DataPower Gateway is affected by a vulnerability in Kerberos (CVE-2017-11462)
Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2017-11462 Vulnerability Details CVEID: CVE-2017-11462 DESCRIPTION: A double free vulnerability in MIT Kerberos 5 aka krb5 has an unknown impact and attack vector involving automatic deletion of security contexts on erro...
EulerOS 2.0 SP3 : krb5 (EulerOS-SA-2019-2058)
According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Double free vulnerability in MIT Kerberos 5 aka krb5 allows attackers to have unspecified impact via vectors involving automatic deletion of security...
EulerOS 2.0 SP2 : krb5 (EulerOS-SA-2019-1848)
According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Double free vulnerability in MIT Kerberos 5 aka krb5 allows attackers to have unspecified impact via vectors involving automatic deletion of security...
Security Bulletin: IBM Tivoli Access Manager for e-business and IBM Security Access Manager releases are affected by a Kerberos vulnerability (CVE-2017-11462)
Summary IBM Tivoli Access Manager for e-business and IBM Security Access Manager have addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-11462 DESCRIPTION: A double free vulnerability in MIT Kerberos 5 aka krb5 has an unknown impact and attack vector involving automatic...
Security Bulletin: Vulnerabilities in krb5 affect IBM BladeCenter Advanced Management Module (AMM)
Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in krb5. Vulnerability Details CVEID: CVE-2018-5730 DESCRIPTION: MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the LDAP Kerberos database...
Security fix for the ALT Linux 8 package krb5 version 1.14.6-alt1.M80P.1
1.14.6-alt1.M80P.1 built May 3, 2018 Evgeny Sinelnikov in task 204403 April 17, 2018 Evgeny Sinelnikov - Update to latest security release of krb5-1.14 - Security fixes: + CVE-2017-11368 Fix a KDC denial of service vulnerability caused by unset status strings + CVE-2017-11462 Preserve GSS context...
Fedora 27 : krb5 (2017-7a22a80c7e)
Prevent applications from accidentally implementing CVE-2017-11462 double free if seccontext is copied. - fc26+: Add ccselect hostrealm module for ccache selection based on service hostname. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
FreeBSD : krb5 -- Multiple vulnerabilities (3f3837cc-48fb-4414-aa46-5b1c23c9feae)
MIT reports : CVE-2017-11368 : In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request. CVE-2017-11462 : RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or...
openSUSE Security Update : krb5 (openSUSE-2017-1145)
This update for krb5 fixes several issues. This security issue was fixed : - CVE-2017-11462: Prevent automatic security context deletion to prevent double-free bsc1056995 These non-security issues were fixed : - Set 'rdns' and 'dnscanonicalizehostname' to false in krb5.conf in order to improve...