oval:org.secpod.oval:def:602999
Jeffrey Altman, Viktor Dukhovni and Nico Williams identified a mutual authentication bypass vulnerability in samba, the SMB/CIFS file, print, and login server. Also known as Orpheus' Lyre, this vulnerability is located in Samba Kerberos Key Distribution Center component and could be used by an atta ...

oval:org.secpod.oval:def:42227
The host is installed with Apple Mac OS X 10.8 before 10.13 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle a validation issue, that existed in the handling of the KDC-REP service name. Successful exploitation could allow attackers in a privi ...

oval:org.secpod.oval:def:112682
Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for t ...

oval:org.secpod.oval:def:89044999
This update provides Samba 4.6.7, which fixes the following issues: - CVE-2017-11103: Metadata were being taken from the unauthenticated plaintext rather than the authenticated and encrypted KDC response. - Fix cephwrap_chdir. - Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb. - Fix ...

oval:org.secpod.oval:def:1800189
A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. Affected versions: All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15

oval:org.secpod.oval:def:1800288
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket the KDC-REP service name must be obtained from the encrypted version stored i ...

oval:org.secpod.oval:def:1000634
The remote host is missing a patch 152079-71 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:1800842
A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. Affected versions: All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15

oval:org.secpod.oval:def:603000
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams reported that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, trusts metadata taken from the unauthenticated plaintext, rather than the authenticated and encrypted KDC response. A man-in-the-middle attacker ...

oval:org.secpod.oval:def:1800889
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket the KDC-REP service name must be obtained from the encrypted version stored i ...

oval:org.secpod.oval:def:1000659
The remote host is missing a patch 152098-61 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:1800507
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket the KDC-REP service name must be obtained from the encrypted version stored i ...

oval:org.secpod.oval:def:1000693
The remote host is missing a patch 152077-71 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:1000674
The remote host is missing a patch 152097-61 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:112635
Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for t ...

oval:org.secpod.oval:def:1000794
The remote host is missing a patch 152076-71 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:53097
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams reported that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, trusts metadata taken from the unauthenticated plaintext, rather than the authenticated and encrypted KDC response. A man-in-the-middle attacker ...

oval:org.secpod.oval:def:53096
Jeffrey Altman, Viktor Dukhovni and Nico Williams identified a mutual authentication bypass vulnerability in samba, the SMB/CIFS file, print, and login server. Also known as Orpheus' Lyre, this vulnerability is located in Samba Kerberos Key Distribution Center component and could be used by an atta ...

oval:org.secpod.oval:def:1000727
The remote host is missing a patch 152078-71 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:2102700
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

oval:org.secpod.oval:def:51844
heimdal: Heimdal Kerberos Network Authentication Protocol. Heimdal could allow unintended access to network services.

oval:org.secpod.oval:def:1800531
A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. Affected versions: All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15

oval:org.secpod.oval:def:51843
samba: SMB/CIFS file, print, and login server for Unix. Samba could allow unintended access to network services.

oval:org.secpod.oval:def:703701
samba: SMB/CIFS file, print, and login server for Unix. Samba could allow unintended access to network services.

oval:org.secpod.oval:def:1800731
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket the KDC-REP service name must be obtained from the encrypted version stored i ...

oval:org.secpod.oval:def:1000763
The remote host is missing a patch 152096-61 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:1000803
The remote host is missing a patch 152099-61 containing a security fix. For more information please visit the reference link.

oval:org.secpod.oval:def:703702
heimdal: Heimdal Kerberos Network Authentication Protocol. Heimdal could allow unintended access to network services.

oval:org.secpod.oval:def:42910
The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:42214
The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

CPE    5
cpe:/o:debian:debian_linux:9.0
cpe:/o:apple:mac_os_x
cpe:/a:samba:samba
cpe:/o:debian:debian_linux:8.0
...
CWE    1
CWE-345
*CVE
CVE-2017-11103

© SecPod Technologies