9 matches found
EUVD-2010-3997
Malware in sbrugna...
FreeBSD Ports: krb5
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: krb5
The remote host is missing an update to the system as announced in the referenced advisory. VID 4ccbd40d-03f7-11e0-bf50-001a926c7637 OpenVAS Vulnerability Test $ Description: Auto generated from VID 4ccbd40d-03f7-11e0-bf50-001a926c7637 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
DEBIAN-CVE-2010-4021
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."...
Design/Logic Flaw
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."...
CVE-2010-4021
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."...
CVE-2010-4021
CVE-2010-4021 affects MIT Kerberos 5 (krb5) 1.7, where the KDC may inappropriately allow TGT credentials to armoring TGS requests. This can let a remote authenticated attacker impersonate a client by rewriting an inner request via a problematic KrbFastArmoredReq handling. The issue is tied to iss...
CVE-2010-4021
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."...
krb5 -- multiple checksum handling vulnerabilities
The MIT Kerberos team reports: MIT krb incorrectly accepts an unkeyed checksum with DES session keys for version 2 RFC 4121 of the GSS-API krb5 mechanism. An unauthenticated remote attacker can forge GSS tokens that are intended to be integrity-protected but unencrypted, if the targeted...