28 matches found
Fedora 41 : krb5 (2025-42a13f896e)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-42a13f896e advisory. Disallowing use of the arcfour-hmac-md5 encryption type for session keys. Add support for the PKINIT paChecksum2 sequence, required for Active Directory...
Fedora 42 : krb5 (2025-3de9fe91ff)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3de9fe91ff advisory. Disallowing use of the arcfour-hmac-md5 encryption type for session keys. Add support for the PKINIT paChecksum2 sequence, required for Active Directory...
CLSA-2025-1748001506 krb5: Fix of CVE-2024-3596
CVE-2024-3596: implement support for Message-Authenticator in libkrad...
CLSA-2025-1739962899 krb5: Fix of CVE-2024-3596
CVE-2024-3596: implement support for Message-Authenticator in libkrad...
CLSA-2025-1739812242 Fix CVE(s): CVE-2024-3596
SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...
CLSA-2025-1739387995 krb5: Fix of CVE-2024-3596
CVE-2024-3596: implement support for Message-Authenticator in libkrad...
USN-7257-1 krb5 vulnerability
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypas...
krb5 security update
1.15.1-55.0.7 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Orabug: 37241077...
krb5 security update
1.21.1-4.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-4 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-55423 - Fix various issues detected by static analysis Resolves: RHEL-58216 - Remove RSA protocol for PKINIT Resolves: RHEL-15323...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
krb5 security update
1.18.2-30.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-30 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-50253 - Remove RSA protocol for PKINIT Resolves: RHEL-17616...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
USN-7055-1 freeradius vulnerability
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses,...
freeradius: forgery attack
A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...