Lucene search
K

122 matches found

Prion
Prion
added 2018/04/04 6:29 p.m.12 views

Default credentials

The GSKit IBM Spectrum Protect 7.1 and 7.2 and IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6 CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. Note: After update the customer should change password to...

5CVSS8.4AI score0.00931EPSS
Exploits0References7Affected Software3
Cvelist
Cvelist
added 2018/04/04 6:0 p.m.17 views

CVE-2018-1447

The GSKit IBM Spectrum Protect 7.1 and 7.2 and IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6 CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. Note: After update the customer should change password to...

5.1CVSS6.2AI score0.00931EPSS
Exploits0References7
CVE
CVE
added 2018/04/04 6:0 p.m.77 views

CVE-2018-1447

CVE-2018-1447 affects the GSKit CMS KDB logic used with IBM Spectrum Protect 7.1/7.2 and IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6, where the hashing process is not salted, yielding weaker password protection and potential password recovery. The vulnerability is discussed in IBM GSKit...

8.1CVSS6.7AI score0.00931EPSS
Exploits0References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.29 views

EulerOS 2.0 SP1 : krb5 (EulerOS-SA-2016-1076)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry...

6.5CVSS6.4AI score0.39969EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/02/07 12:0 a.m.38 views

Amazon Linux AMI : krb5 (ALAS-2017-793)

A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a NULL pointer and crash by supplying an empty DB argument to the modifyprincipal command, if kadmin...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2017/01/03 12:0 a.m.46 views

ipa security update

4.4.0-14.0.1.el73.1.1 - Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.4.0-14.1.1 - Resolves: 1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy - ipa-kdb: search for password policies globally - Renamed patches 1011 a...

7.5CVSS6.9AI score0.047EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/12/15 12:0 a.m.24 views

Scientific Linux Security Update : krb5 on SL7.x x86_64 (20161103)

The following packages have been upgraded to a newer upstream version: krb5 1.14.1. Security Fixes : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereferen...

6.5CVSS6.3AI score0.39969EPSS
Exploits0References3
CNVD
CNVD
added 2016/09/13 12:0 a.m.2 views

AlienVault Unified Security Management 'get_directive_kdb.php' SQL Injection Vulnerability

AlienVault Unified Security Management USM is a security management platform from AlienVault, Inc. that provides security monitoring, security event management and reporting, and threat awareness systems. A SQL injection vulnerability exists in AlienVault Unified Security Management USM that...

8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/04/19 12:0 a.m.32 views

SUSE SLES11 Security Update : krb5 (SUSE-SU-2016:1088-1)

This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to us...

5.3CVSS6.3AI score0.39969EPSS
Exploits0References4
OSV
OSV
added 2016/04/18 7:17 a.m.7 views

SUSE-SU-2016:1088-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to use...

5.3CVSS5.3AI score0.39969EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/13 12:0 a.m.26 views

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2016:0994-1)

This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to us...

5.3CVSS6.3AI score0.39969EPSS
Exploits0References4
OSV
OSV
added 2016/04/08 1:36 p.m.5 views

SUSE-SU-2016:0994-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to use...

5.3CVSS5.3AI score0.39969EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/05 12:0 a.m.27 views

openSUSE Security Update : krb5 (openSUSE-2016-424)

This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to us...

5.3CVSS6.3AI score0.39969EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/28 12:0 a.m.5 views

MIT Kerberos 5 kadmind LDAP KDB Module Denial of Service Vulnerability

MIT Kerberos 5 also known as krb5 is a network authentication protocol developed by the Massachusetts Institute of Technology MIT in the United States, which adopts a client/server structure, and both the client and the server side can authenticate each other i.e., double authentication, which...

5.3CVSS6.3AI score0.39969EPSS
Exploits0References1
NVD
NVD
added 2016/03/26 1:59 a.m.19 views

CVE-2016-3119

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3CVSS5AI score0.39969EPSS
Exploits0References7
OSV
OSV
added 2016/03/26 1:59 a.m.28 views

CVE-2016-3119

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3CVSS6.4AI score
Exploits0References7
Snyk
Snyk
added 2016/03/26 1:59 a.m.1 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which...

5.3CVSS7.2AI score0.39969EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/03/26 1:59 a.m.27 views

CVE-2016-3119

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3CVSS6.5AI score0.39969EPSS
Exploits0References1
Prion
Prion
added 2016/03/26 1:59 a.m.24 views

Null pointer dereference

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

3.5CVSS6.4AI score0.39969EPSS
Exploits0References7Affected Software3
Cvelist
Cvelist
added 2016/03/26 1:0 a.m.20 views

CVE-2016-3119

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.1AI score0.39969EPSS
Exploits0References7
Rows per page
Query Builder