DSA-3153-1 krb5 -- krb5ID: oval:org.secpod.oval:def:601948 | Date: (C)2015-02-10 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiples vulnerabilities have been found in krb5, the MIT implementation of Kerberos: CVE-2014-5352 Incorrect memory management in the libgssapi_krb5 library might result in denial of service or the execution of arbitrary code. CVE-2014-9421 Incorrect memory management in kadmind"s processing of XDR data might result in denial of service or the execution of arbitrary code. CVE-2014-9422 Incorrect processing of two-component server principals might result in impersonation attacks. CVE-2014-9423 An information leak in the libgssrpc library.
Product: |
krb5-kdc |
krb5-kdc-ldap |
krb5-admin-server |