Lucene search

731 matches found

Samba
added 2022/10/25 12:0 a.m. · 57 views

Buffer overflow in Heimdal unwrap_des3()

Description: The DES (for Samba 4.11 and earlier) and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet. Examples of where Samba can use GSSAPI include the client and...

6.5 CVSS · 0.0369 EPSS
Exploits 0
Tenable Nessus
added 2022/10/25 12:0 a.m. · 58 views

Slackware Linux 15.0 / current samba Vulnerability (SSA:2022-298-02)

The version of samba installed on the remote host is prior to 4.15.11 / 4.17.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-298-02 advisory. - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des and unwrap_des3 routines of...

6.5 CVSS · 6.7 AI score · 0.0369 EPSS
Exploits 0 · References 1
Positive Technologies
added 2022/10/13 12:0 a.m. · 4 views

PT-2022-5230 · Heimdal +9

Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified)
Description: A heap-based buffer overflow issue was found in the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal, which is part of the Samba network interaction program. This issue allows a remote...

9.8 CVSS · 7.7 AI score · 0.74265 EPSS
Exploits 13 · References 252
OSV
added 2022/10/11 7:45 a.m. · 4 views

SUSE-SU-2022:3562-1 Security update for libgsasl

This update for libgsasl fixes the following issues: - CVE-2022-2469: Fixed OOB read in GSSAPI server (bsc#1201715)...

8.1 CVSS · 8 AI score · 0.01091 EPSS
Exploits 0 · References 3
OSV
added 2022/10/11 7:45 a.m. · 5 views

SUSE-SU-2022:3561-1 Security update for libgsasl

This update for libgsasl fixes the following issues: - CVE-2022-2469: Fixed OOB read in GSSAPI server (bsc#1201715)...

8.1 CVSS · 8 AI score · 0.01091 EPSS
Exploits 0 · References 3
FreeBSD
added 2022/08/02 12:0 a.m. · 51 views

samba -- buffer overflow in Heimdal unwrap_des3()

The Samba Team reports: The DES (for Samba 4.11 and earlier) and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet...

6.5 CVSS · 2.6 AI score · 0.0369 EPSS
Exploits 0 · References 1
Hacker One
added 2022/06/02 8:12 p.m. · 74 views

curl: CVE-2022-32208: FTP-KRB bad message verification

Summary: libcurl handles gss_unwrap GSS_S_BAD_SIG error incorrectly. This enables malicious attacker to inject arbitrary FTP server responses to GSSAPI protected FTP control connection and/or make the client consume unrelated heap memory as a FTP command response. The defective krb5_decode function is...

4.3 CVSS · 0.8 AI score · 0.05595 EPSS
Exploits 1
Kitploit
added 2022/05/19 12:30 p.m. · 54 views

PowerProxy - PowerShell SOCKS Proxy With Reverse Proxy Capabilities

PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted by default. Username/Password authentication i...

7.3 AI score
Exploits 0 · References 1
Rockylinux
added 2022/05/17 7:29 a.m. · 12 views

new packages: python-urllib-gssapi

An update is available for python-urllib-gssapi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Roc...

2.2 AI score
Exploits 0
Rockylinux
added 2022/05/17 7:29 a.m. · 12 views

new packages: python-requests-gssapi

An update is available for python-requests-gssapi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the...

2.2 AI score
Exploits 0
Rockylinux
added 2022/05/17 7:26 a.m. · 24 views

new packages: python-gssapi

An update is available for python-gssapi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...

2.2 AI score
Exploits 0
Rockylinux
added 2022/05/17 7:15 a.m. · 19 views

new packages: perl-GSSAPI

An update is available for perl-GSSAPI. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...

2.2 AI score
Exploits 0
OpenVAS
added 2022/01/28 12:0 a.m. · 20 views

Mageia: Security Advisory (MGASA-2020-0003)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.7 AI score · 0.02248 EPSS
Exploits 0 · References 6
AlmaLinux
added 2021/11/09 9:1 a.m. · 10 views

perl-GSSAPI bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8 AI score
Exploits 0 · References 1
Rockylinux
added 2021/11/09 9:1 a.m. · 12 views

perl-GSSAPI bug fix and enhancement update

An update is available for perl-GSSAPI. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...

2.1 AI score
Exploits 0
OSV
added 2021/11/09 9:1 a.m. · 9 views

ALBA-2021:4327 perl-GSSAPI bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8 AI score
Exploits 0 · References 1
OSV
added 2021/10/22 5:4 p.m. · 5 views

CLSA-2021-1634922250 Fixed CVEs in bind: CVE-2021-25214, CVE-2021-25216, CVE-2021-25215

A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) - A second vulnerability in BIND's GSSAPI security...

9.8 CVSS · 7.1 AI score · 0.83406 EPSS
Exploits 0 · References 1
CloudLinux
added 2021/09/21 10:1 p.m. · 117 views

Fix of CVE: CVE-2021-25215, CVE-2021-25214, CVE-2021-25216

A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) - A second vulnerability in BIND's GSSAPI security...

9.8 CVSS · 3.7 AI score · 0.83406 EPSS
Exploits 0 · References 1
CloudLinux
added 2021/09/21 10:0 p.m. · 42 views

Fix of CVE: CVE-2020-8625

Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)...

8.1 CVSS · 4.3 AI score · 0.64161 EPSS
Exploits 0 · References 1
OpenVAS
added 2021/06/09 12:0 a.m. · 11 views

SUSE: Security Advisory (SUSE-SU-2019:0174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS · 8.8 AI score · 0.04407 EPSS
Exploits 0 · References 2