Download
| Alert*
oval:org.secpod.oval:def:507420
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:507423 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:507422 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:3301325 SUSE Security Update: Security update for krb5 oval:org.secpod.oval:def:19500077 Integer overflow vulnerabilities in PAC parsing oval:org.secpod.oval:def:1506231 [1.18.2-22.0.1] - Fixed race condition in krb5_set_password [Orabug: 33609767] [1.] - Fix integer overflows in PAC parsing - Resolves: rhbz#2140967 oval:org.secpod.oval:def:1506232 [1.15.1-55.0.1] - Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360] [1.15.1-55] - Fix integer overflows in PAC parsing - Resolves: rhbz#2140961 oval:org.secpod.oval:def:3000285 It was discovered that there was a potential Denial of Service attack against krb5, a suite of tools implementing the Kerberos authentication system. An integer overflow in PAC parsing could have been exploited if a cross-realm entity acted maliciously. oval:org.secpod.oval:def:1601635 Integer overflow vulnerabilities in PAC parsing oval:org.secpod.oval:def:610264 Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution , information exposure , or denial of service . oval:org.secpod.oval:def:85961 Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution , information exposure , or denial of service . oval:org.secpod.oval:def:1506250 [1.19.1-24.0.1] - Fixed race condition in krb5_set_password [Orabug: 33609767] [1.19.1-24] - Fix integer overflows in PAC parsing - Resolves: rhbz#2140970 oval:org.secpod.oval:def:1601620 Integer overflow vulnerabilities in PAC parsing oval:org.secpod.oval:def:1506457 [1.10.3-65.0.1] - Fix integer overflows in PAC parsing [Orabug: 34843511] oval:org.secpod.oval:def:507419 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:85678 A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service to c ... oval:org.secpod.oval:def:89396 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:89047922 This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field . - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:2107808 Oracle Solaris 11 - ( CVE-2022-42898 ) oval:org.secpod.oval:def:89047923 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:89048018 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:5800091 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:89048193 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:2600117 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:2500900 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:124518 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:87229 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:205990 Security Fix: krb5: integer overflow vulnerabilities in PAC parsing For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:89047926 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:4500958 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:124567 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:89047931 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:124445 Kerberos V5 is a trusted-third-party network authentication system, which can improve your networks security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:124443 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:1701110 Integer overflow vulnerabilities in PAC parsing oval:org.secpod.oval:def:124442 Kerberos V5 is a trusted-third-party network authentication system, which can improve your networks security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:89382 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:707909 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:97697 [CLSA-2022:1670874451] krb5: Fix of CVE-2022-42898 oval:org.secpod.oval:def:89394 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:610281 Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos. CVE-2021-3671 Joseph Sutton discovered that the Heimdal KDC does not validate that the server name in the TGS-REQ is present before dereferencing, which may result in den ... oval:org.secpod.oval:def:3300298 SUSE Security Update: Security update for samba oval:org.secpod.oval:def:124696 Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for t ... oval:org.secpod.oval:def:88653 heimdal: Heimdal Kerberos Network Authentication Protocol Several security issues were fixed in Heimdal. oval:org.secpod.oval:def:89048127 This update for samba fixes the following issues: - Updated to version 4.15.13: - CVE-2022-38023: Removed weak cryptographic algorithms from the Netlogon RPC implementation . - CVE-2022-42898: Fixed several buffer overflow vulnerabilities on 32-bit systems . - CVE-2022-3437: Fixed a buffer overflow ... oval:org.secpod.oval:def:707907 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:89048164 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - Updated to version 4.15.13: - CVE-2022-37966: Fixed an issue where a weak cipher would b ... oval:org.secpod.oval:def:124470 Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for ti ... oval:org.secpod.oval:def:89492 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:3000174 Multiple security vulnerabilities were discovered in heimdal, an implementation of the Kerberos 5 authentication protocol, which may result in denial of service, information disclosure, or remote code execution. CVE-2019-14870 Isaac Boukris reported that the Heimdal KDC before 7.7.1 does not apply d ... oval:org.secpod.oval:def:86614 Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos. CVE-2021-3671 Joseph Sutton discovered that the Heimdal KDC does not validate that the server name in the TGS-REQ is present before dereferencing, which may result in den ... oval:org.secpod.oval:def:124471 Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for ti ... oval:org.secpod.oval:def:87227 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:3300259 SUSE Security Update: Security update for libheimdal oval:org.secpod.oval:def:708015 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:707883 heimdal: Heimdal Kerberos Network Authentication Protocol Several security issues were fixed in Heimdal. oval:org.secpod.oval:def:89048025 This update for samba fixes the following issues: Version update to 4.15.12. Security issues fixed: - CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords . - CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write ... oval:org.secpod.oval:def:124488 Samba is the standard Windows interoperability suite of programs for Linux and Unix. |