116 matches found
EUVD-2008-5661
Malware in sbrugna...
EUVD-2008-3811
Malware in sbrugna...
EUVD-2004-0652
Malware in sbrugna...
EUVD-2009-1382
Malware in sbrugna...
RHSA-2010:0258 Red Hat Security Advisory: pam_krb5 security and bug fix update
Bulletin has no description...
RHSA-2008:0907 Red Hat Security Advisory: pam_krb5 security update
Bulletin has no description...
OPENSUSE-SU-2024:10521-1 pam_krb5-2.4.4-6.7 on GA media
These are all security issues fixed in the pamkrb5-2.4.4-6.7 package on the GA media of openSUSE Tumbleweed...
Oracle Linux 5 : pam_krb5 (ELSA-2010-0258)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2010-0258 advisory. - dont vary the password prompt depending on whether or not the user exists or is known to the KDC CVE-2009-1384, 505265 Tenable has extracted the preceding...
FreeBSD : FreeBSD -- Network authentication attack via pam_krb5 (9b0d9832-47c1-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9b0d9832-47c1-11ee-8e38-002590c1f29c advisory. - pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-grantin...
FreeBSD : FreeBSD -- Network authentication attack via pam_krb5 (41af0277-47bf-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 41af0277-47bf-11ee-8e38-002590c1f29c advisory. - pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-grantin...
FreeBSD -- Network authentication attack via pam_krb5
Problem Description: The problem detailed in FreeBSD-SA-23:04.pamkrb5 persisted following the patch for that advisory. Impact: The impact described in FreeBSD-SA-23:04.pamkrb5 persists...
FreeBSD-SA-23:09.pam_krb5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:09.pamkrb5 Security Advisory The FreeBSD Project Topic: Network authentication attack via pamkrb5 Category: core Module: pamkrb5 Announced: 2023-08-01...
CVE-2023-3326
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
CVE-2023-3326
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
CVE-2023-3326
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
CVE-2023-3326
CVE-2023-3326 affects pam_krb5 in FreeBSD deployments where a keytab is not provisioned. The module authenticates by requesting a Kerberos TGT from KDC using the user password, but without a keytab there is no way to validate the KDC’s response, allowing an attacker who can control both the passw...
CVE-2023-3326
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
CVE-2023-3326 Network authentication attack via pam_krb5
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
CVE-2023-3326 Network authentication attack via pam_krb5
pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...
FreeBSD -- Network authentication attack via pam_krb5
Problem Description: pamkrb5 authenticates the user by essentially running kinit1 with the password, getting a ticket-granting ticket' tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. Normally, the system running the pamkrb5 module will also hav...