737 matches found

Oracle linux
added 2014/09/17 12:0 a.m. | 48 views

krb5 security and bug fix update

1.6.1-78.el5 - gssapi: pull in upstream fix for a possible NULL dereference in spnego (CVE-2014-4344, 1121509)
1.6.1-77.el5 - fix what appears to be a cosmetic error in the patch for self-tests for CVE-2014-4341
1.6.1-76.el5 - run the backported self-tests, such as they are, for CVE-2014-4341...

CVSS 7.8 | AI score 1.3 | EPSS 0.07138
Exploits: 0

RedHat Linux
added 2014/09/16 5:28 a.m. | 5 views

krb5: denial of service flaws when handling padding length longer than the plaintext

A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application...

CVSS 5 | AI score 7.2 | EPSS 0.07138
Exploits: 0 | References: 4

Tenable Nessus
added 2014/09/16 12:0 a.m. | 35 views

RHEL 5 : krb5 (RHSA-2014:1245)

Updated krb5 packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS 7.8 | AI score 6.8 | EPSS 0.07138
Exploits: 0 | References: 9

Tenable Nessus
added 2014/09/04 12:0 a.m. | 67 views

AIX NAS Advisory : nas_advisory1.asc

The version of the Network Authentication Service (NAS) installed on the remote AIX host is affected by the following vulnerabilities related to Kerberos 5:
- An attacker can cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application...

CVSS 7.8 | AI score 7.9 | EPSS 0.07138
Exploits: 0 | References: 6

Mageia
added 2014/08/22 10:58 a.m. | 37 views

Updated krb5 package fixes security vulnerabilities

MIT Kerberos 5 allows attackers to cause a denial of service via a buffer over-read or NULL pointer dereference, by injecting invalid tokens into a GSSAPI application session (CVE-2014-4341, CVE-2014-4342). MIT Kerberos 5 allows attackers to cause a denial of service via a double-free flaw or NULL...

CVSS 8.5 | AI score 9.2 | EPSS 0.08085
Exploits: 0 | References: 3

Debian
added 2014/08/18 5:42 p.m. | 29 views

[DLA 37-1] krb5 security update

Package: krb5
Version: 1.8.3+dfsg-4squeeze8
CVE ID: CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345
Debian Bug: 753624 753625 755520 755521 757416

Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposure...

CVSS 8.5 | AI score 10 | EPSS 0.08085
Exploits: 0

OSV
added 2014/08/18 12:0 a.m. | 36 views

DLA-37-1 krb5 - security update

Bulletin has no description...

CVSS 8.5 | AI score 7.3 | EPSS 0.08085
Exploits: 0

Tenable Nessus
added 2014/08/10 12:0 a.m. | 32 views

Debian DSA-3000-1 : krb5 - security update

Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2014-4341 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI...

CVSS 8.5 | AI score 7.2 | EPSS 0.08085
Exploits: 0 | References: 17

Debian
added 2014/08/09 2:54 p.m. | 30 views

[SECURITY] [DSA 3000-1] krb5 security update

Debian Security Advisory DSA-3000-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
August 09, 2014 http://www.debian.org/security/faq
-...

CVSS 8.5 | AI score 10 | EPSS 0.08085
Exploits: 0

OpenVAS
added 2014/08/09 12:0 a.m. | 39 views

Debian Security Advisory DSA 3000-1 (krb5 - security update)

Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-4341 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI...

CVSS 8.5 | AI score 0.5 | EPSS 0.08085
Exploits: 0 | References: 1

OSV
added 2014/08/09 12:0 a.m. | 33 views

DSA-3000-1 krb5 - security update

Bulletin has no description...

CVSS 8.5 | AI score 7.3 | EPSS 0.08085
Exploits: 0

Tenable Nessus
added 2014/08/08 12:0 a.m. | 27 views

Fedora 20 : krb5-1.11.5-10.fc20 (2014-8189)

This update incorporates backported upstream fixes for potential crashes caused by attempts to process malformed GSSAPI messages (CVE-2014-4341, CVE-2014-4342). It also incorporates fixes for a possible double-free (CVE-2014-4343) and a possible NULL pointer dereference (CVE-2014-4344) in GSSAPI client...

CVSS 7.8 | AI score 7.9 | EPSS 0.07138
Exploits: 0 | References: 7

Tenable Nessus
added 2014/08/08 12:0 a.m. | 32 views

Fedora 19 : krb5-1.11.3-24.fc19 (2014-8176)

This update incorporates backported upstream fixes for potential crashes caused by attempts to process malformed GSSAPI messages (CVE-2014-4341, CVE-2014-4342). It also incorporates fixes for a possible double-free (CVE-2014-4343) and a possible NULL pointer dereference (CVE-2014-4344) in GSSAPI client...

CVSS 7.8 | AI score 7.9 | EPSS 0.07138
Exploits: 0 | References: 7

OSV
added 2014/07/20 11:12 a.m. | 5 views

CVE-2014-4341

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session...

AI score 6.3
Exploits: 0 | References: 16

NVD
added 2014/07/20 11:12 a.m. | 24 views

CVE-2014-4342

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session...

CVSS 5 | AI score 6.3 | EPSS 0.06523
Exploits: 0 | References: 12

OSV
added 2014/07/20 11:12 a.m. | 1 views

DEBIAN-CVE-2014-4342

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session...

CVSS 5 | AI score 7.8 | EPSS 0.06523
Exploits: 0 | References: 1

OSV
added 2014/07/20 11:12 a.m. | 5 views

CVE-2014-4342

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session...

AI score 6.3
Exploits: 0 | References: 16

Prion
added 2014/07/20 11:12 a.m. | 16 views

Design/Logic Flaw

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session...

CVSS 5 | AI score 6.9 | EPSS 0.07138
Exploits: 0 | References: 15 | Affected Software: 10

Prion
added 2014/07/20 11:12 a.m. | 24 views

Null pointer dereference

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session...

CVSS 5 | AI score 7 | EPSS 0.06523
Exploits: 0 | References: 12 | Affected Software: 7

Cvelist
added 2014/07/20 10:0 a.m. | 22 views

CVE-2014-4342

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session...

AI score 6.2 | EPSS 0.06523
Exploits: 0 | References: 12