Download
| Alert*
|
oval:org.secpod.oval:def:24395
The host is missing a patch containing a security fixes, which affects the following package(s): krb5.client.rte and krb5.server.rte oval:org.secpod.oval:def:25774 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:109199 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:702410 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:108509 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:52405 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:601948 Multiples vulnerabilities have been found in krb5, the MIT implementation of Kerberos: CVE-2014-5352 Incorrect memory management in the libgssapi_krb5 library might result in denial of service or the execution of arbitrary code. CVE-2014-9421 Incorrect memory management in kadmind"s processing of XD ... oval:org.secpod.oval:def:204196 A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. A buffer overflow was found in the KADM5 administration server when it was used with an LDAP b ... oval:org.secpod.oval:def:501510 A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. A buffer overflow was found in the KADM5 administration server when it was used with an LDAP b ... oval:org.secpod.oval:def:108480 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network"s security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:1500932 The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated use ... |
