52 matches found
RHEL 5 : krb5 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5: kadmind doubly frees partial deserialization results MITKRB5-SA-2015-001 CVE-2014-9421 - krb5:...
krb5 -- Integer overflow vulnerabilities in PAC parsing
MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing: Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. On 32-bit platforms an...
Oracle: Security Advisory (ELSA-2012-1131)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 6 : krb5 (ELSA-2015-0794)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0794 advisory. - fix for CVE-2014-5355 1193939 'krb5: unauthenticated denial of service in recvauthcommon and others' - fix for CVE-2014-5353 1174543 'Fix LDAP misuse...
Security fix for the ALT Linux 7 package krb5 version 1.13-alt3
Feb. 8, 2015 Ivan A. Melnikov 1.13-alt3 - fix for MITKRB5-SA-2015-001 CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423...
Security fix for the ALT Linux 9 package krb5 version 1.13-alt3
Feb. 8, 2015 Ivan A. Melnikov 1.13-alt3 - fix for MITKRB5-SA-2015-001 CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423...
Security fix for the ALT Linux 8 package krb5 version 1.13-alt3
Feb. 8, 2015 Ivan A. Melnikov 1.13-alt3 - fix for MITKRB5-SA-2015-001 CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423...
OracleVM 3.3 : krb5 (OVMSA-2014-0034)
The remote OracleVM system is missing necessary patches to address critical security updates : - actually apply that last patch - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1128157 - ksu: when evaluating .k5users, don't throw away data from .k5users when we're not passed a command to...
Oracle Linux 6 : krb5 (ELSA-2014-1389)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1389 advisory. - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1128157 - gssapi: pull in upstream fix for a possible NULL dereference in spnego CVE-2014-4344...
krb5 security and bug fix update
1.10.3-33 - actually apply that last patch 1.10.3-32 - incorporate fix for MITKRB5-SA-2014-001 CVE-2014-4345, 1128157 1.10.3-31 - ksu: when evaluating .k5users, don't throw away data from .k5users when we're not passed a command to run, which implicitly means we're attempting to run the target...
Oracle Linux 6 : krb5 (ELSA-2011-1790)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1790 advisory. 1.9-22.1 - add candidate patch to fix a NULL pointer dereference while processing TGS requests MITKRB5-SA-2011-007, 754046 Tenable has extracted the preceding...
Oracle Linux 5 : krb5 (ELSA-2012-0306)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0306 advisory. - add upstream patch for telnetd buffer overflow CVE-2011-4862, 770351 - ftpd: add backported patch to check for errors when calling setegid MITKRB5-SA-2011-005...
Oracle Linux 6 : krb5 (ELSA-2011-0200)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0200 advisory. - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using th...
Oracle Linux 5 : krb5 (ELSA-2010-0926)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0926 advisory. 1.6.1-36.el55.6 - incorporate candidate patch for checksum acceptance issues from MITKRB5-SA-2010-007 CVE-2010-1323, 652307 Tenable has extracted the preceding...
Scientific Linux Security Update : krb5 on SL3.x, SL4.x, SL5.x i386/x86_64
CVE-2009-4212 krb: KDC integer overflows in AES and RC4 decryption routines MITKRB5-SA-2009-004 Multiple integer underflow flaws, leading to heap-based corruption, were found in the way the MIT Kerberos Key Distribution Center KDC decrypted ciphertexts encrypted with the Advanced Encryption...
RHEL 5 : krb5 (RHSA-2012:0306)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0306 advisory. - krb5, krb5-appl: ftpd incorrect group privilege dropping MITKRB5-SA-2011-005 CVE-2011-1526 Note that Nessus has not tested for this issue but has...
krb5-appl -- telnetd code execution vulnerability
The MIT Kerberos Team reports: When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. Also see MITKRB5-SA-2011-008...
krb5 security update
1.9-22.1 - add candidate patch to fix a NULL pointer dereference while processing TGS requests MITKRB5-SA-2011-007, 754046...
MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-007 MIT krb5 Security Advisory 2011-007 Original release: 2011-12-06 Last update: 2011-12-06 Topic: KDC null pointer dereference in TGS handling CVE-2011-1530 KDC null pointer dereference in TGS handling CVSSv2 Vector:...
RHEL 6 : krb5 (RHSA-2011:1790)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1790 advisory. - krb5 krb5kdc: NULL pointer dereference in the TGS handling MITKRB5-SA-2011-007 CVE-2011-1530 Note that Nessus has not tested for this issue but has...