MiracleLinux 9 : krb5-1.19.1-24.el9 (AXSA:2023-4928:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4928:02 advisory. krb5: integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the MiracleLinux...

ROS-20230417-02

A vulnerability in the Kerberos5 heimdal protocol implementation is related to changing memcmp values for constant time and a workaround for a compiler error by adding "!= 0" comparisons to the memcmp result. Exploitation of the vulnerability could allow an attacker acting remotely to perform a...

MIT Kerberos5 < 1.19.4, 1.20.x < 1.20.1 Integer Overflow Vulnerability

MIT Kerberos5 is prone to an integer overflow vulnerability in PAC parsing. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2022-5557

Name of the Vulnerable Software and Affected Versions curl versions prior to 7.84.0 Description The issue is related to how curl handles message verification failures when doing FTP transfers secured by krb5. This flaw allows a Man-In-The-Middle attack to go unnoticed and enables the injection of...

MIT Kerberos5 <= 1.16 Multiple Vulnerabilities

MIT Kerberos5 is prone to a Denial of Service DoS and an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MIT Kerberos5 KDC Cross Realm Referral DoS Vulnerability

MIT Kerberos5 is prone to a Denial of Service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mit:kerberos";...

MIT Kerberos5 Multiple Integer Underflow Vulnerabilities

MIT Kerberos5 is prone to multiple integer underflow vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MIT Kerberos5 Detection (Linux/Unix SSH Login)

SSH login-based detection of MIT Kerberos5. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Kerberos5 Version Detection

This script detects the installed version of Kerberos5 and sets the result in KB. OpenVAS Vulnerability Test $Id: gbkerberos5detect.nasl 7823 2017-11-20 08:54:04Z cfischer $ Kerberos5 Version Detection Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH,...

MIT Kerberos5 < 1.6.4 Multiple Vulnerabilities

MIT Kerberos5 is affected by the vulnerabilities described in CVE-2008-0062, CVE-2008-0063, CVE-2008-0947 and CVE-2008-0948. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

SuSE 10 Security Update : Kerberos5 (ZYPP Patch Number 2440)

Bugs in the handling of pointers to uninitializes resp. already freed memory could potentially be abused by attackers to execute code. CVE-2006-6144 / CVE-2006-6143 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

DEBIAN-CVE-2004-0971

The krb5-send-pr script in the kerberos5 krb5 package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

CVE-2004-0971

The CVE-2004-0971 issue affects the krb5-send-pr script in the krb5 package, allowing local users to overwrite files via a symlink attack on temporary files. Description in the sources notes this vulnerability for Trustix Secure Linux 1.5–2.1 and potentially other OSes. The vulnerability originat...

Security Advisory FreeBSD-SA-02:24.k5su

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:24.k5su Security Advisory The FreeBSD Project Topic: k5su utility does not honor wheel' group Category: kerberos5 Module: kerberos5/usr.bin/k5su Announced: 2002-05-20...