Download
| Alert*
|
oval:org.secpod.oval:def:1300196
A vulnerability has been discovered and corrected in krb5: The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:1600260 It was found that kadmind"s kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services ... oval:org.secpod.oval:def:601046 It was discovered that the kpasswd service running on UDP port 464 could respond to response packets, creating a packet loop and a denial of service condition. oval:org.secpod.oval:def:1500190 Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ... oval:org.secpod.oval:def:104907 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:1500191 Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ... oval:org.secpod.oval:def:702839 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:501069 Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center . It was found that kadmind"s kpasswd service did not perform any validation on incoming network packets, causi ... oval:org.secpod.oval:def:104911 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:202899 Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center . It was found that kadmind"s kpasswd service did not perform any validation on incoming network packets, causi ... oval:org.secpod.oval:def:202898 Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center . It was found that kadmind"s kpasswd service did not perform any validation on incoming network packets, causi ... |
