363 matches found
SUSE SLED15 / SLES15 Security Update : krb5 (SUSE-SU-2020:3377-1)
This update for krb5 fixes the following security issue : CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted...
OPENSUSE-SU-2020:2062-1 Security update for krb5
This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for krb5 (moderate)
openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2020:2062-1 Rating: moderate References: 1178512 Cross-References: CVE-2020-28196 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for krb5 fixes...
OPENSUSE-SU-2020:2037-1 Security update for krb5
This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for krb5 (moderate)
openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2020:2037-1 Rating: moderate References: 1178512 Cross-References: CVE-2020-28196 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for krb5 fixes...
CVE-2020-28196
A flaw was found in krb5. MIT Kerberos 5 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
Debian: Security Advisory (DSA-4795-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4795-1 : krb5 - security update
Demi Obeneour discovered that unbounded recursion in the ASN1 parser of libkrb5 could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4795. The text itself is copyright C Software...
[SECURITY] [DSA 4795-1] krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4795-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 21, 2020 https://www.debian.org/security/faq -...
SUSE-SU-2020:3379-1 Security update for krb5
This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512...
SUSE-SU-2020:3375-1 Security update for krb5
This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512...
CVE-2020-26883
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents...
CVE-2020-26883
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents...
DEBIAN-CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
ALPINE-CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
Stack Overflow in Apache Mesos
When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.1, 1.6.0 to 1.6.1, and 1.7.0 might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters...