851 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11368
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests...
Azure Linux 3.0 Security Update: heimdal / samba (CVE-2022-41916)
The version of heimdal / samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41916 advisory. - Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerab...
Important: Red Hat Security Advisory: krb5 security update
An update for krb5 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
krb5 security update
An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...
PT-2024-40628 · Git +1 · Krb5
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of Use-of-uninitialized-value. The crash state involves the k5 hashtab add and insert entry functions in the fuzz...
Important: Red Hat Security Advisory: krb5 security update
An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havi...
ROS-20240812-01
The vulnerability in the Kerberos 5 Heimdal implementation is due to bugs in the Heimdal PKI certificate checks, affecting KDC via PKINIT and kinit via PKINIT, as well as any third-party applications, that utilize libhx509 Heimdal. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240723-01
A vulnerability in the Key Distribution Center KDC component of the Kerberos network authentication protocol is associated with the NULL pointer dereferencing. Exploitation of the vulnerability allows an attacker acting remotely, cause a denial of service...
Advisory ROSA-SA-2024-2451
Software: samba 4.12.3 OS: ROSA Virtualization 2.1 packageevrstring: samba-4.12.3 CVE-ID: CVE-2020-25722 BDU-ID: 2022-00004 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Active Directory Domain Controller component of the Samba networking software package is caused by a buffer overflow...
SUSE-SU-2024:1702-1 Security update for krb5
This update for krb5 fixes the following issues: Fixed inside previous release v1.16.3-46.3.1: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacked a server field bsc1189929...
MIT Kerberos Security Vulnerability
MIT Kerberos is a Massachusetts Institute of Technology MIT software for authentication in network clusters.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability...
K000138461: MIT Kerberos 5 vulnerability CVE-2023-39975
Security Advisory Description kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. CVE-2023-39975 Impact There is no impact...
RHEL 8 : idm:DL1 (RHSA-2024:0137)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0137 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...
Moderate: Red Hat Security Advisory: krb5 security update
An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Oracle Linux 8 : idm:DL1 (ELSA-2024-0143)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0143 advisory. - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455 ipa-healthcheck opendnssec python-jwcrypto python-kdcproxy Tenable has extracted the precedin...
RHEL 8 : idm:DL1 (RHSA-2024:0143)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0143 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...
January 9, 2024—KB5034127 (OS Build 17763.5329) - EXPIRED
None None...
SUSE CVE-2023-39975
kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...
krb5 security and bug fix update
1.21.1-1.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-1 - New upstream version 1.21.1 - Fix double-free in KDC TGS processing CVE-2023-39975 - Add support for 'pacprivsvrenctype' KDB string attribute Resolves: rhbz2060421...
ALSA-2023:6699 Moderate: krb5 security and bug fix update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...