6 matches found
Debian DSA-4648-1 : libpam-krb5 - security update
Russ Allbery discovered a buffer overflow in the PAM module for MIT Kerberos, which could result in denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...
[SECURITY] [DLA 2166-1] libpam-krb5 security update
Package : libpam-krb5 Version : 4.6-3+deb8u1 CVE ID : CVE-2020-10595 The krb5 PAM module pamkrb5.so had a buffer overflow that might have caused remote code execution in situations involving supplemental prompting by a Kerberos library. It might have overflown a buffer provided by the underlying...
[SECURITY] [DSA 4648-1] libpam-krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4648-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 31, 2020 https://www.debian.org/security/faq -...
CVE-2020-10595
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a...
CVE-2020-10595
CVE-2020-10595 affects the pam-krb5 PAM module. The issue is a buffer overflow in pam_krb5.so when the Kerberos library performs supplemental prompting (e.g., PKINIT or no_prompt PAM options). This can overflow a buffer provided by the underlying Kerberos library, potentially leading to heap/stac...
CVE-2020-10595
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a...