exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2015-2697

Status Candidate

Overview

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.

Related Files

Gentoo Linux Security Advisory 201611-14
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-14 - Multiple vulnerabilities have been discovered in MIT Kerberos 5, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.13.2-r2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
SHA-256 | 9cc870d75fec5b3e5e72b5410b010b6e2964e4ac02c65b63650fe6ad75245d4c
Debian Security Advisory 3395-2
Posted Nov 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3395-2 - Marc Deslauriers reported that the update for krb5 issued as DSA-3395-1 did not contain the patch to address CVE-2015-2697 for the packages built for the oldstable distribution (wheezy). Updated packages are now available to address this issue.

tags | advisory
systems | linux, debian
advisories | CVE-2015-2697
SHA-256 | 6cbc0c63e8ebd0d23b43b85f63ec54c5b64643fa00f766a03f60b88af61652d5
Ubuntu Security Notice USN-2810-1
Posted Nov 12, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2810-1 - It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. It was discovered that Kerberos incorrectly handled null bytes in certain data fields. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, udp
systems | linux, ubuntu
advisories | CVE-2002-2443, CVE-2014-5355, CVE-2015-2694, CVE-2015-2695, CVE-2015-2696, CVE-2015-2697, CVE-2015-2698
SHA-256 | 54cd41e88f3b572fc0172f18b2a69d4bc309121aab39e9d9df3fcb5f00087252
Debian Security Advisory 3395-1
Posted Nov 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3395-1 - Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
SHA-256 | e387f1bd9094d0d360de5174cb46c7eb0100eae91f33d72e0cfefe6435c68df0
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close