Download
| Alert*
oval:org.secpod.oval:def:2103002
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. oval:org.secpod.oval:def:89002350 This update for krb5 provides the following fixes: Security issues fixed: - CVE-2018-5730: DN container check bypass by supplying special crafted data . - CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data . Non-security issues fixed: - ... oval:org.secpod.oval:def:89043831 This update for krb5 fixes several issues. This security issue was fixed: - CVE-2017-11462: Prevent automatic security context deletion to prevent double-free . - CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data . - CVE-2018-5730: DN c ... oval:org.secpod.oval:def:1601369 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a linkdn and containerdn database argument, or by supplying a DN string which is a left extension of a container DN string but ... oval:org.secpod.oval:def:205053 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:114027 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:114073 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:502524 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos ... oval:org.secpod.oval:def:1700106 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a quot;linkdnquot; and quot;containerdnquot; database argument, or by supplying a DN string which is a left extension of a cont ... oval:org.secpod.oval:def:2001263 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string ... oval:org.secpod.oval:def:1502367 The advisory is missing the security advisory description. For more information please visit the reference link |