502 matches found
Moderate: Red Hat Security Advisory: krb5 security and bug fix update
An update for krb5 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2023:6699 Moderate: krb5 security and bug fix update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
Moderate: krb5 security and bug fix update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
CVE-2023-42771
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files...
Vulnerabilities fixed in Microsoft Exchange
Microsoft has fixed vulnerabilities in Exchange. A malicious party can exploit the vulnerabilities to impersonate as another user and use their privileges to execute arbitrary code be able to execute arbitrary code or gain access to sensitive data. For successful abuse, the malicious party must b...
TP-LINK Archer C7 OS Command Injection Vulnerability
The TP-LINK Archer C7 is a wireless router from China P&L TP-LINK. A security vulnerability exists in firmware versions prior to TP-LINK Archer C7JPV2230602, and firmware versions prior to Archer C55JPV1230506, which stems from a vulnerability that could allow a network-adjacent authenticated...
krb5 bug fix update
An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...
FreeBSD : FreeBSD -- Network authentication attack via pam_krb5 (9b0d9832-47c1-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9b0d9832-47c1-11ee-8e38-002590c1f29c advisory. - pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-grantin...
FreeBSD : FreeBSD -- Network authentication attack via pam_krb5 (41af0277-47bf-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 41af0277-47bf-11ee-8e38-002590c1f29c advisory. - pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-grantin...
[SECURITY] Fedora 38 Update: krb5-1.21-3.fc38
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...
FreeBSD-SA-23:09.pam_krb5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:09.pamkrb5 Security Advisory The FreeBSD Project Topic: Network authentication attack via pamkrb5 Category: core Module: pamkrb5 Announced: 2023-08-01...
FreeBSD -- Network authentication attack via pam_krb5
Problem Description: The problem detailed in FreeBSD-SA-23:04.pamkrb5 persisted following the patch for that advisory. Impact: The impact described in FreeBSD-SA-23:04.pamkrb5 persists...
Important: Red Hat Enhancement Advisory: krb5 bug fix update
An update for krb5 is now available for Red Hat Enterprise Linux 8. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to...
CVE-2023-3326 Network authentication attack via pam_krb5
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
FreeBSD-SA-23:04.pam_krb5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:04.pamkrb5 Security Advisory The FreeBSD Project Topic: Network authentication attack via pamkrb5 Category: core Module: pamkrb5 Announced: 2023-06-21...
FreeBSD -- Network authentication attack via pam_krb5
Problem Description: pamkrb5 authenticates the user by essentially running kinit1 with the password, getting a ticket-granting ticket' tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. Normally, the system running the pamkrb5 module will also hav...
Moderate: Red Hat Security Advisory: krb5 security, bug fix, and enhancement update
An update for krb5 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2023:2570 Moderate: krb5 security, bug fix, and enhancement update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
The vulnerability of the NTLM network authentication protocol for Windows operating systems allows attackers to circumvent security restrictions and gain increased privileges.
The vulnerability of the NTLM network authentication protocol for Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to circumvent security restrictions and enhance their privileges...
The vulnerability of the NTLM network authentication protocol for Windows operating systems allows attackers to circumvent security restrictions and gain increased privileges.
The vulnerability of the NTLM network authentication protocol for Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to circumvent security restrictions and enhance their privileges...