Download
| Alert*
oval:org.secpod.oval:def:102147
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of cleartext passwords. oval:org.secpod.oval:def:400089 The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to to possible, but very unlikely, remote code execution. - CVE-2009-0844: The SPNEGO GSS-API implementation can read beyond the end of a buffer which leads to a crash. - CVE-2009-084 ... oval:org.secpod.oval:def:700343 Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service. oval:org.secpod.oval:def:600296 Several vulnerabilities have been found in the MIT reference implementation of Kerberos V5, a system for authenticating users and services on a network. The Common Vulnerabilities and Exposures project identified the following problems: The Apple Product Security team discovered that the SPNEGO GSS- ... oval:org.secpod.oval:def:300824 Multiple vulnerabilities has been found and corrected in krb5: The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 1.5 through 1.6.3 allows remote attackers to cause a denial of service and possibly obtain sensitive information via a crafted length value that triggers a buf ... oval:org.secpod.oval:def:102377 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of cleartext passwords. oval:org.mitre.oval:def:8181 Several vulnerabilities have been found in the MIT reference implementation of Kerberos V5, a system for authenticating users and services on a network. The Common Vulnerabilities and Exposures project identified the following problems: The Apple Product Security team discovered that the SPNEGO GSS- ... oval:org.secpod.oval:def:300832 Multiple vulnerabilities has been found and corrected in krb5: The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 1.5 through 1.6.3 allows remote attackers to cause a denial of service and possibly obtain sensitive information via a crafted length value that triggers a buf ... |