211 matches found
SuSE9 Security Update : IBM Java (YOU Patch Number 12669)
IBM Java 1.4.2 SR13 was updated to FP8 to fix various bugs and security issues. The following security issues were fixed : - The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other...
krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...
FreeBSD : krb5 -- multiple checksum handling vulnerabilities (0d57c1d9-03f4-11e0-bf50-001a926c7637)
The MIT Kerberos team reports : MIT krb incorrectly accepts an unkeyed checksum with DES session keys for version 2 RFC 4121 of the GSS-API krb5 mechanism. An unauthenticated remote attacker can forge GSS tokens that are intended to be integrity-protected but unencrypted, if the targeted...
krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...
MIT Kerberos 5 multiple checksum vulnerabilities
Checksum vulnerabilities in GSS-API, JDC, PAC and more...
krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
The kgacceptkrb5 function in krb5/acceptseccontext.c in the GSS-API library in MIT Kerberos 5 aka krb5 through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of...
Mandriva Update for heimdal MDVSA-2010:130 (heimdal)
Check for the Version of heimdal OpenVAS Vulnerability Test Mandriva Update for heimdal MDVSA-2010:130 heimdal Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for heimdal MDVSA-2010:130 (heimdal)
Check for the Version of heimdal OpenVAS Vulnerability Test Mandriva Update for heimdal MDVSA-2010:130 heimdal Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
[ MDVSA-2010:130 ] heimdal
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:130 http://www.mandriva.com/security/ Package : heimdal Date : July 7, 2010 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in heimdal: Certain invalid GSS-A...
Fedora 12 : krb5-1.7.1-9.fc12 (2010-8805)
Shawn Emery discovered a remotely-triggerable NULL pointer dereference in the Kerberos GSS-API library which could be used to cause GSS-API-authenticated services to crash. This update incorporates fixes to instead correctly detect the error and return an error code. Note that Tenable Network...
Fedora 11 : krb5-1.6.3-31.fc11 (2010-8796)
Shawn Emery discovered a remotely-triggerable NULL pointer dereference in the Kerberos GSS-API library which could be used to cause GSS-API-authenticated services to crash. This update incorporates fixes to instead correctly detect the error and return an error code. Note that Tenable Network...
Debian Security Advisory DSA 2052-1 (krb5)
The remote host is missing an update to krb5 announced via advisory DSA 2052-1. OpenVAS Vulnerability Test $Id: deb20521.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2052-1 krb5 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Debian: Security Advisory (DSA-2052-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for krb5-devel CESA-2010:0423 centos3 i386
Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2010:0423 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
CentOS Update for krb5-devel CESA-2010:0423 centos3 i386
Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2010:0423 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Mandriva Update for krb5 MDVSA-2010:100 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:100 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
RedHat Update for krb5 RHSA-2010:0423-01
Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2010:0423-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Mandriva Update for krb5 MDVSA-2010:100 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:100 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CentOS Update for krb5-devel CESA-2010:0423 centos4 i386
Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2010:0423 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
openSUSE Security Update : krb5 (openSUSE-SU-2010:0292-1)
This update fixes a denial-of-service vulnerability in kadmind. A remote attack can send a malformed GSS-API token that triggers a NULL pointer dereference. CVE-2010-1321: CVSS v2 Base Score: 6.8 MEDIUM AV:N/AC:L/Au:S/C:N/I:N/A:C %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...