VMware Security Advisory 2010-0016 - This patch updates the service console kernel to fix multiple security issues. Updates to the likewisekrb5, likewiseopenldap, likewiseopen, and pamkrb5 packages address several security issues.
07d894e6a7a9e88a8d84a552ceb2b2d8a971a3c2b551994cd04d95e15402b1ccMandriva Linux Security Advisory 2009-098 - Multiple vulnerabilities has been found and corrected in krb5. The updated packages have been patched to correct these issues. Packages for 2008.0 are being provided due to extended support for Corporate products.
2bb2bf931d6ac2e4ccaf6f044d6d84fb55c9289bdf7e1e03c8e0a43d4dd4c549Mandriva Linux Security Advisory 2009-098 - The MIT Kerberos 5 package suffers from denial of service and code execution vulnerabilities.
c3d3e4274812b9c2cce624dd05968c9b06064f2095293045b170f7bb2707e171Debian Security Advisory 1766-1 - Several vulnerabilities have been found in the MIT reference implementation of Kerberos V5, a system for authenticating users and services on a network.
62744b0660268ab7130a3287b506316b68daa390f0f7c8054bab6ce99001b83aGentoo Linux Security Advisory GLSA 200904-09 - Multiple vulnerabilites in MIT Kerberos 5 might allow remote unauthenticated users to execute arbitrary code with root privileges. Versions less than 1.6.3-r6 are affected.
7b528ce4b70a3225550954d57e4772d37c008963e25bab1c29d3738f9ed187b1SUSE Security Announcement - The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to to possible, but very unlikely, remote code execution.
0e007593b67fdfd063439448160fe17d35f352dbb71aa7596e28fe45c721762bUbuntu Security Notice USN-755-1 - Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service.
00dff75f4b4986be32bfa2795735d00bb490a4d893892bef38d5ae41d370d195MIT krb5 Security Advisory 2009-001 - The MIT krb5 implementation of the SPNEGO GSS-API mechanism can read beyond the end of a network input buffer. This can cause a GSS-API application to crash by reading from invalid address space. The MIT krb5 implementation of the SPNEGO GSS-API mechanism can dereference a null pointer under error conditions. This can cause a GSS-API application to crash. MIT krb5 can perform an incorrect length check inside an ASN.1 decoder. This only presents a problem in the PK-INIT code paths. In the MIT krb5 KDC or kinit program, this could lead to spurious malloc() failures or, under some conditions, program crash.
583a1d16957cdf1f031324b91889dc97c740b74cc3658c16852a8bfb19d26197
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed