14 matches found
FreeBSD Ports: krb5
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : krb5 -- multiple checksum handling vulnerabilities (11bbccbc-03ee-11e0-bcdb-001fc61c2a55)
The MIT Kerberos team reports : MIT krb5 clients incorrectly accept an unkeyed checksums in the SAM-2 preauthentication challenge. An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some...
Mandriva Update for krb5 MDVSA-2010:246 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:246 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for krb5 MDVSA-2010:245 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:245 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for krb5 MDVSA-2010:245 (krb5)
Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:245 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CVE-2010-1323
MIT Kerberos 5 aka krb5 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center KDC, or forge a KRB-SAFE message via...
CVE-2010-1323
MIT Kerberos 5 aka krb5 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center KDC, or forge a KRB-SAFE message via...
CVE-2010-1323
MIT Kerberos 5 aka krb5 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center KDC, or forge a KRB-SAFE message via...
CVE-2010-1323
MIT Kerberos 5 aka krb5 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center KDC, or forge a KRB-SAFE message via...
Debian DSA-2129-1 : krb5 - checksum verification weakness
A vulnerability has been found in krb5, the MIT implementation of Kerberos. MIT krb5 clients incorrectly accept unkeyed checksums in the SAM-2 preauthentication challenge: an unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of...
Mandriva Linux Security Advisory : krb5 (MDVSA-2010:245)
A vulnerability was discovered and corrected in krb5 : An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some circumstances, this can negate the incremental security benefit of using a...
DSA-2129-1 krb5 - checksum verification weakness
Bulletin has no description...
krb5: incorrect acceptance of certain checksums (MITKRB5-SA-2010-007)
MIT Kerberos 5 aka krb5 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center KDC, or forge a KRB-SAFE message via...
krb5 -- multiple checksum handling vulnerabilities
The MIT Kerberos team reports: MIT krb5 clients incorrectly accept an unkeyed checksums in the SAM-2 preauthentication challenge. An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some...