Download
| Alert*
oval:org.secpod.oval:def:603778
libkrb5-dev is installed oval:org.secpod.oval:def:605037 libkrb5-dev is installed oval:org.secpod.oval:def:89396 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:89500 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:2000438 An issue was discovered in MIT Kerberos 5 through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other ... oval:org.secpod.oval:def:2001187 An issue was discovered in MIT Kerberos 5 through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center , which allows remote authenticated users to cause a denial of service via a mo ... oval:org.secpod.oval:def:2001116 A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type , the attacker can crash the KDC by making an S4U2Self request. oval:org.secpod.oval:def:89382 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:2000005 plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 through 1.15.2 mishandles Distinguished Name fields, which allows remote attackers to execute arbitrary code or cause a denial of service in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_o ... oval:org.secpod.oval:def:708574 krb5: MIT Kerberos Network Authentication Protocol Details: USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. Original advisory Kerberos could be made to crash if it received specially crafted network ... oval:org.secpod.oval:def:96432 krb5: MIT Kerberos Network Authentication Protocol Details: USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Linux Mint 20.x LTS, Linux Mint 21.x LTS and Ubuntu 23.04. Original advisory Kerberos could be made to crash if it received specially crafted ne ... oval:org.secpod.oval:def:2001263 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string ... oval:org.secpod.oval:def:2000226 MIT libkrb5-dev 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service or bypass a DN container check by supplying tagged data that is internal to the database module. |