CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

OESA-2024-1443 libgsasl security update

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms. Security Fixes: GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...

OESA-2024-1441 libgsasl security update

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms. Security Fixes: GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...

Fedora 10 : krb5-1.6.3-18.fc10 (2009-2852)

This update incorporates patches to fix potential read overflow and NULL pointer dereferences in the implementation of the SPNEGO GSSAPI mechanism CVE-2009-0844, CVE-2009-0845, attempts to free an uninitialized pointer during protocol parsing CVE-2009-0846, and a bug in length validation during...

Fedora Core 9 FEDORA-2009-2834 (krb5)

The remote host is missing an update to krb5 announced via advisory FEDORA-2009-2834. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...