Download
| Alert*
|
oval:org.secpod.oval:def:2103002
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. oval:org.secpod.oval:def:89044641 This update for krb5 fixes the following issues: Security issues fixed: - CVE-2017-15088: A buffer overflow in get_matching_data was fixed that could under specific circumstances be used to execute code oval:org.secpod.oval:def:113627 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:1900289 plugins/preauth/pkinit/pkinit_crypto_opelibnss3-devl.c in MIT Kerberos 5 through 1.15.2 mishandles Distinguished Name fields, which allow sremote attackers to execute arbitrary code or cause a denial of service in situations involving untrustedX.509 data, related to the get_matching_data and X509_NA ... oval:org.secpod.oval:def:113438 Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. oval:org.secpod.oval:def:2000005 plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 through 1.15.2 mishandles Distinguished Name fields, which allows remote attackers to execute arbitrary code or cause a denial of service in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_o ... |
