Fedora 10 : krb5-1.6.3-18.fc10 (2009-2852)

This update incorporates patches to fix potential read overflow and NULL pointer dereferences in the implementation of the SPNEGO GSSAPI mechanism CVE-2009-0844, CVE-2009-0845, attempts to free an uninitialized pointer during protocol parsing CVE-2009-0846, and a bug in length validation during...

Mandriva Linux Security Advisory : krb5 (MDVSA-2008:070)

A memory management flaw was found in the GSSAPI library used by Kerberos that could result in an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code CVE-2007-5971. A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4...

Mandriva Linux Security Advisory : krb5 (MDVSA-2008:069)

Multiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code CVE-2007-5901, CVE-2007-5971. A flaw was...

Fedora Core 10 FEDORA-2009-2852 (krb5)

The remote host is missing an update to krb5 announced via advisory FEDORA-2009-2852. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 9 FEDORA-2009-2834 (krb5)

The remote host is missing an update to krb5 announced via advisory FEDORA-2009-2834. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 9 FEDORA-2009-2834 (krb5)

The remote host is missing an update to krb5 announced via advisory FEDORA-2009-2834. OpenVAS Vulnerability Test $Id: fcore20092834.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-2834 krb5 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandriva Update for krb5 MDVSA-2008:070 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2008:070 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDVSA-2008:069 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2008:069 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDVSA-2008:069 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2008:069 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDKSA-2007:077 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:077 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for krb5 MDKSA-2007:077-1 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKSA-2007:077-1 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora 9 : krb5-1.6.3-16.fc9 (2009-2834)

This update incorporates patches to fix potential read overflow and NULL pointer dereferences in the implementation of the SPNEGO GSSAPI mechanism CVE-2009-0844, CVE-2009-0845, attempts to free an uninitialized pointer during protocol parsing CVE-2009-0846, and a bug in length validation during...

RHEL 5 : krb5 (RHSA-2009:0408)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0408 advisory. - krb5: buffer over-read in SPNEGO GSS-API mechanism MITKRB5-SA-2009-001 CVE-2009-0844 - krb5: NULL pointer dereference in GSSAPI SPNEGO...

krb5: NULL pointer dereference in GSSAPI SPNEGO (MITKRB5-SA-2009-001)

The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in MIT Kerberos 5 aka krb5 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via invalid ContextFlags data in the reqFlags field in a...

krb5 security update

1.6.1-31.el53.3 - update to revised patch for CVE-2009-0844/CVE-2009-0845 1.6.1-31.el53.2 - add fix for potential buffer read overrun in the SPNEGO GSSAPI mechanism 490635, CVE-2009-0844 - add fix for NULL pointer dereference when handling certain error cases in the SPNEGO GSSAPI mechanism 490635...

CVE-2009-0845

Summary of CVE-2009-0845 details from provided sources : The SPNEGO implementation in MIT Kerberos 5 (krb5) up to version 1.6.3 is affected. Specifically, in spnego_mech.c, the spnego_gss_accept_sec_context path can be triggered when SPNEGO is used with invalid ContextFlags data in a negTokenInit...

RedHat Update for krb5 RHSA-2008:0180-01

Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2008:0180-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

RedHat Update for krb5 RHSA-2008:0180-01

Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2008:0180-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CentOS Update for krb5-devel CESA-2008:0180 centos4 x86_64

Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2008:0180 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

GLSA-200803-31 : MIT Kerberos 5: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-31 MIT Kerberos 5: Multiple vulnerabilities Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double fr...