[3.4] Krb5: Multiple vulnerabilities (CVE-2015-8629, CVE-2015-8630, CVE-2015-8631)ID: oval:org.secpod.oval:def:1800763 | Date: (C)2018-03-29 (M)2021-11-09 |
Class: PATCH | Family: unix |
CVE-2015-8629: Verify decoded kadmin C strings. In all versions of MIT krb5, an authenticated attacker can causekadmind to read beyond the end of allocated memory by sending a string without a terminating zero byte. Information leakage may be possible for an attacker with permission to modify the database. Fixed In Version: 1.14.1, 1.13.4
Platform: |
Alpine Linux 3.4 |