30 matches found
MiracleLinux 3 : krb5-1.6.1-80.AXS3 (AXSA:2014-537:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-537:02 advisory. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practi...
EUVD-2016-4172
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-3119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14....
K15566: Kerberos vulnerability CVE-2014-4345
Security Advisory Description Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause...
SUSE CVE-2016-3119
The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2016-1076)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.5.1 : krb5 (EulerOS-SA-2018-1376)
According to the version of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a...
EulerOS 2.0 SP1 : krb5 (EulerOS-SA-2016-1076)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry...
Amazon Linux AMI : krb5 (ALAS-2017-793)
A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a NULL pointer and crash by supplying an empty DB argument to the modifyprincipal command, if kadmin...
Scientific Linux Security Update : krb5 on SL7.x x86_64 (20161103)
The following packages have been upgraded to a newer upstream version: krb5 1.14.1. Security Fixes : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereferen...
SUSE-SU-2016:1088-1 Security update for krb5
This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to use...
SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2016:0994-1)
This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to us...
SUSE-SU-2016:0994-1 Security update for krb5
This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to use...
openSUSE Security Update : krb5 (openSUSE-2016-424)
This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to us...
MIT Kerberos 5 kadmind LDAP KDB Module Denial of Service Vulnerability
MIT Kerberos 5 also known as krb5 is a network authentication protocol developed by the Massachusetts Institute of Technology MIT in the United States, which adopts a client/server structure, and both the client and the server side can authenticate each other i.e., double authentication, which...
CVE-2016-3119
The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...
CVE-2016-3119
The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...
CVE-2016-3119
The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...
CVE-2016-3119
The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...
DEBIAN-CVE-2014-4345
Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service buffer...