8.5 - MDVSA-2014:165

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	MDVSA-2014:165	First vendor Publication	2014-09-02
Vendor	Mandriva	Last vendor Modification	2014-09-02
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Cvss Base Score	8.5	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	6.8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Updated krb5 package fixes security vulnerabilities:

MIT Kerberos 5 allows attackers to cause a denial of service via a buffer over-read or NULL pointer dereference, by injecting invalid tokens into a GSSAPI application session (CVE-2014-4341, CVE-2014-4342).

MIT Kerberos 5 allows attackers to cause a denial of service via a double-free flaw or NULL pointer dereference, while processing invalid SPNEGO tokens (CVE-2014-4344).

In MIT Kerberos 5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow) (CVE-2014-4345).

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:165

CWE : Common Weakness Enumeration

%	Id	Name
25 %	CWE-476	NULL Pointer Dereference
25 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
25 %	CWE-125	Out-of-bounds Read
25 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:25491

Oval ID:	oval:org.mitre.oval:def:25491
Title:	DSA-3000-1 krb5 - security update
Description:	Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos.
Family:	unix	Class:	patch
Reference(s):	DSA-3000-1 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	krb5
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND krb5 DPKG is earlier than 0:1.10.1+dfsg-5+deb7u2

Definition Id: oval:org.mitre.oval:def:25901

Oval ID:	oval:org.mitre.oval:def:25901
Title:	SUSE-SU-2014:1028-1 -- Security update for krb5
Description:	This MIT krb5 update fixes a buffer overrun problem in kadmind.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1028-1 CVE-2014-4345	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.62.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.62.1

Definition Id: oval:org.mitre.oval:def:26458

Oval ID:	oval:org.mitre.oval:def:26458
Title:	USN-2310-1 -- krb5 vulnerabilities
Description:	Several security issues were fixed in Kerberos.
Family:	unix	Class:	patch
Reference(s):	USN-2310-1 CVE-2012-1016 CVE-2013-1415 CVE-2013-1416 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04	Product(s):	krb5
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section krb5-admin-server DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-kdc DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-kdc-ldap DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-otp DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-pkinit DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-user DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libgssapi-krb5-2 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libgssrpc4 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libk5crypto3 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkadm5clnt-mit9 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkadm5srv-mit9 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkdb5-7 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkrad0 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkrb5-3 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkrb5support0 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section krb5-admin-server DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-kdc DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-kdc-ldap DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-pkinit DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-user DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libgssapi-krb5-2 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libgssrpc4 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libk5crypto3 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkadm5clnt-mit8 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkadm5srv-mit8 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkdb5-6 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkrb5-3 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkrb5support0 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section krb5-admin-server DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-kdc DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-kdc-ldap DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-pkinit DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-user DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libgssapi-krb5-2 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libgssrpc4 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libk5crypto3 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkadm5clnt-mit7 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkadm5srv-mit7 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkdb5-4 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkrb5-3 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkrb5support0 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13

Definition Id: oval:org.mitre.oval:def:26718

Oval ID:	oval:org.mitre.oval:def:26718
Title:	RHSA-2014:1255: krb5 security update (Moderate)
Description:	Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1255-00 CVE-2014-4345 CESA-2014:1255	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	krb5
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND krb5-debuginfo is earlier than 0:1.6.1-80.el5_11 AND Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section krb5-devel is earlier than 0:1.6.1-80.el5_11 AND krb5-server is earlier than 0:1.6.1-80.el5_11 AND krb5-server-ldap is earlier than 0:1.6.1-80.el5_11 AND krb5-libs is earlier than 0:1.6.1-80.el5_11 AND krb5-workstation is earlier than 0:1.6.1-80.el5_11

Definition Id: oval:org.mitre.oval:def:26722

Oval ID:	oval:org.mitre.oval:def:26722
Title:	AIX NAS null deref in SPNEGO acceptor
Description:	The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-4344	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets krb5.server.rte equals 1.5.0.3 AND krb5.server.rte equals 1.5.0.4 AND krb5.server.rte equals 1.6.0.1 AND krb5.client.rte equals 1.5.0.3 AND krb5.client.rte equals 1.5.0.4 AND krb5.client.rte equals 1.6.0.1

Definition Id: oval:org.mitre.oval:def:26777

Oval ID:	oval:org.mitre.oval:def:26777
Title:	RHSA-2014:1245: krb5 security and bug fix update (Moderate)
Description:	Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A man-in-the-middle attacker with a valid Kerberos ticket who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application. (CVE-2014-4341) This update also fixes the following bugs: * Prior to this update, the libkrb5 library occasionally attempted to free already freed memory when encrypting credentials. As a consequence, the calling process terminated unexpectedly with a segmentation fault. With this update, libkrb5 frees memory correctly, which allows the credentials to be encrypted appropriately and thus prevents the mentioned crash. (BZ#1004632) * Previously, when the krb5 client library was waiting for a response from a server, the timeout variable in certain cases became a negative number. Consequently, the client could enter a loop while checking for responses. With this update, the client logic has been modified and the described error no longer occurs. (BZ#1089732) All krb5 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1245-00 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4344 CESA-2014:1245	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	krb5
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND krb5-debuginfo is earlier than 0:1.6.1-78.el5 AND Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section krb5-devel is earlier than 0:1.6.1-78.el5 AND krb5-server is earlier than 0:1.6.1-78.el5 AND krb5-server-ldap is earlier than 0:1.6.1-78.el5 AND krb5-libs is earlier than 0:1.6.1-78.el5 AND krb5-workstation is earlier than 0:1.6.1-78.el5

Definition Id: oval:org.mitre.oval:def:26809

Oval ID:	oval:org.mitre.oval:def:26809
Title:	SUSE-SU-2014:0989-1 -- Security update for krb5
Description:	The several security issues have been fixed in kerberos 5.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0989-1 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.60.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.60.1

Definition Id: oval:org.mitre.oval:def:26856

Oval ID:	oval:org.mitre.oval:def:26856
Title:	ELSA-2014-1255 -- krb5 security update (Moderate)
Description:	Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1255 CVE-2014-4345	Version:	3
Platform(s):	Oracle Linux 5	Product(s):	krb5
Definition Synopsis:
Oracle Linux 5.x Packages match section krb5-devel RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-libs RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-server RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-server-ldap RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-workstation RPM is earlier than 0:1.6.1-80.el5_11

Definition Id: oval:org.mitre.oval:def:26907

Oval ID:	oval:org.mitre.oval:def:26907
Title:	DEPRECATED: SUSE-SU-2014:1028-1 -- Security update for krb5
Description:	This MIT krb5 update fixes a buffer overrun problem in kadmind.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1028-1 CVE-2014-4345	Version:	4
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.62.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.62.1

Definition Id: oval:org.mitre.oval:def:26912

Oval ID:	oval:org.mitre.oval:def:26912
Title:	AIX NAS denial of service vulnerability
Description:	MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-4341	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.5.0.0 AND krb5.server.rte less than or equal 1.6.0.1 OR File Version Exists krb5.client.rte greater than or equal 1.5.0.0 AND krb5.client.rte less than or equal 1.6.0.1

Definition Id: oval:org.mitre.oval:def:26917

Oval ID:	oval:org.mitre.oval:def:26917
Title:	RHSA-2014:1389: krb5 security and bug fix update (Moderate)
Description:	Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342) A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343) These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes. All krb5 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1389-01 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CESA-2014:1389	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	krb5
Definition Synopsis:
Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND krb5-debuginfo is earlier than 0:1.10.3-33.el6 AND Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section krb5-devel is earlier than 0:1.10.3-33.el6 AND krb5-libs is earlier than 0:1.10.3-33.el6 AND krb5-pkinit-openssl is earlier than 0:1.10.3-33.el6 AND krb5-server is earlier than 0:1.10.3-33.el6 AND krb5-server-ldap is earlier than 0:1.10.3-33.el6 AND krb5-workstation is earlier than 0:1.10.3-33.el6

Definition Id: oval:org.mitre.oval:def:27019

Oval ID:	oval:org.mitre.oval:def:27019
Title:	DEPRECATED: SUSE-SU-2014:0989-1 -- Security update for krb5
Description:	The several security issues have been fixed in kerberos 5.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0989-1 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344	Version:	4
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.60.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.60.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mit Kerberos cpe:2.3:a:mit:kerberos:5-1.8:alpha1:::::: cpe:2.3:a:mit:kerberos:5-1.10.7:::::::* cpe:2.3:a:mit:kerberos:5-1.10.6:::::::* cpe:2.3:a:mit:kerberos:5-1.10.5:::::::*	4
Application	Mit Kerberos 5 cpe:2.3:a:mit:kerberos_5:1.9.4:::::::* cpe:2.3:a:mit:kerberos_5:1.9.3:::::::* cpe:2.3:a:mit:kerberos_5:1.9.2:::::::* cpe:2.3:a:mit:kerberos_5:1.9.1:::::::* cpe:2.3:a:mit:kerberos_5:1.9:::::::* cpe:2.3:a:mit:kerberos_5:1.8.6:::::::* cpe:2.3:a:mit:kerberos_5:1.8.5:::::::* cpe:2.3:a:mit:kerberos_5:1.8.4:::::::* cpe:2.3:a:mit:kerberos_5:1.8.3:::::::* cpe:2.3:a:mit:kerberos_5:1.8.2:::::::* cpe:2.3:a:mit:kerberos_5:1.8.1:::::::* cpe:2.3:a:mit:kerberos_5:1.8:::::::* cpe:2.3:a:mit:kerberos_5:1.7.1:::::::* cpe:2.3:a:mit:kerberos_5:1.7:::::::* cpe:2.3:a:mit:kerberos_5:1.6.3_kdc:::::::* cpe:2.3:a:mit:kerberos_5:1.6.3:::::::* cpe:2.3:a:mit:kerberos_5:1.6.2:::::::* cpe:2.3:a:mit:kerberos_5:1.6.1:::::::* cpe:2.3:a:mit:kerberos_5:1.6:::::::* cpe:2.3:a:mit:kerberos_5:1.5.3:::::::* cpe:2.3:a:mit:kerberos_5:1.5.2:::::::* cpe:2.3:a:mit:kerberos_5:1.5.1:::::::* cpe:2.3:a:mit:kerberos_5:1.5:::::::* cpe:2.3:a:mit:kerberos_5:1.4.4:::::::* cpe:2.3:a:mit:kerberos_5:1.4.3:::::::* cpe:2.3:a:mit:kerberos_5:1.4.2:::::::* cpe:2.3:a:mit:kerberos_5:1.4.1:::::::* cpe:2.3:a:mit:kerberos_5:1.4:::::::* cpe:2.3:a:mit:kerberos_5:1.3.6:::::::* cpe:2.3:a:mit:kerberos_5:1.3.5:::::::* cpe:2.3:a:mit:kerberos_5:1.3.4:::::::* cpe:2.3:a:mit:kerberos_5:1.3.3:::::::* cpe:2.3:a:mit:kerberos_5:1.3.2:::::::* cpe:2.3:a:mit:kerberos_5:1.3.1:::::::* cpe:2.3:a:mit:kerberos_5:1.3:alpha1:::::: cpe:2.3:a:mit:kerberos_5:1.3:-:::::: cpe:2.3:a:mit:kerberos_5:1.2.8:::::::* cpe:2.3:a:mit:kerberos_5:1.2.7:::::::* cpe:2.3:a:mit:kerberos_5:1.2.6:::::::* cpe:2.3:a:mit:kerberos_5:1.2.5:::::::* cpe:2.3:a:mit:kerberos_5:1.2.4:::::::* cpe:2.3:a:mit:kerberos_5:1.2.3:::::::* cpe:2.3:a:mit:kerberos_5:1.2.2:::::::* cpe:2.3:a:mit:kerberos_5:1.2.1:::::::* cpe:2.3:a:mit:kerberos_5:1.2:-:::::: cpe:2.3:a:mit:kerberos_5:1.2:beta2:::::: cpe:2.3:a:mit:kerberos_5:1.2:beta1:::::: cpe:2.3:a:mit:kerberos_5:1.12.1:::::::* cpe:2.3:a:mit:kerberos_5:1.12:::::::* cpe:2.3:a:mit:kerberos_5:1.11.5:::::::* cpe:2.3:a:mit:kerberos_5:1.11.4:::::::* cpe:2.3:a:mit:kerberos_5:1.11.3:::::::* cpe:2.3:a:mit:kerberos_5:1.11.2:::::::* cpe:2.3:a:mit:kerberos_5:1.11.1:::::::* cpe:2.3:a:mit:kerberos_5:1.11:::::::* cpe:2.3:a:mit:kerberos_5:1.10.4:::::::* cpe:2.3:a:mit:kerberos_5:1.10.3:::::::* cpe:2.3:a:mit:kerberos_5:1.10.2:::::::* cpe:2.3:a:mit:kerberos_5:1.10.1:::::::* cpe:2.3:a:mit:kerberos_5:1.10:::::::* cpe:2.3:a:mit:kerberos_5:1.1.1:::::::* cpe:2.3:a:mit:kerberos_5:1.1:::::::* cpe:2.3:a:mit:kerberos_5:1.0.6:::::::* cpe:2.3:a:mit:kerberos_5:1.0:-:::::: cpe:2.3:a:mit:kerberos_5:::::::: cpe:2.3:a:mit:kerberos_5:-:::::::*	66
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::*	1
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:20:::::::*	1
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*	1
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*	5
Os	Redhat Enterprise Linux Hpc Node cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*	1
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*	1
Os	Redhat Enterprise Linux Server Aus cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*	4
Os	Redhat Enterprise Linux Server Eus cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*	4
Os	Redhat Enterprise Linux Tus cpe:2.3:o:redhat:enterprise_linux_tus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_tus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_tus:7.3:::::::*	3
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*	1

Snort® IPS/IDS

Date	Description
2016-03-14	MIT Kerberos 5 IAKERB outbound token detected RuleID : 36816 - Revision : 5 - Type : SERVER-OTHER
2016-03-14	MIT Kerberos 5 SPNEGO incoming token detected RuleID : 36815 - Revision : 5 - Type : SERVER-OTHER
2016-03-14	MIT Kerberos 5 SPNEGO acceptor acc_ctx_cont denial of service attempt RuleID : 36814 - Revision : 5 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2018-01-11	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15552.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150305_krb5_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-37.nasl - Type : ACT_GATHER_INFO
2015-03-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0439.nasl - Type : ACT_GATHER_INFO
2015-03-13	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0439.nasl - Type : ACT_GATHER_INFO
2015-03-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0439.nasl - Type : ACT_GATHER_INFO
2015-02-26	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_dbf9e66cbd5011e4a7ba206a8a720317.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_kerberos_20141120.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_kerberos_20141216.nasl - Type : ACT_GATHER_INFO
2015-01-02	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-53.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0034.nasl - Type : ACT_GATHER_INFO
2014-11-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-443.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1389.nasl - Type : ACT_GATHER_INFO
2014-11-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_krb5_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1389.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1255.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140916_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1389.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15547.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1245.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1255.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1255.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1245.nasl - Type : ACT_GATHER_INFO
2014-09-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1245.nasl - Type : ACT_GATHER_INFO
2014-09-12	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-165.nasl - Type : ACT_GATHER_INFO
2014-09-04	Name : The remote AIX host has a version of NAS installed that is affected by multip... File : aix_nas_advisory1.nasl - Type : ACT_GATHER_INFO
2014-08-27	Name : The remote Fedora host is missing a security update. File : fedora_2014-9305.nasl - Type : ACT_GATHER_INFO
2014-08-21	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-508.nasl - Type : ACT_GATHER_INFO
2014-08-16	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-140812.nasl - Type : ACT_GATHER_INFO
2014-08-15	Name : The remote Fedora host is missing a security update. File : fedora_2014-9315.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2310-1.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-140729.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-486.nasl - Type : ACT_GATHER_INFO
2014-08-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3000.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote Fedora host is missing a security update. File : fedora_2014-8176.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote Fedora host is missing a security update. File : fedora_2014-8189.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-09-13 13:43:10	Multiple Updates
2014-09-02 17:21:46	First insertion

Global Informations

Type	Count
CWE ID(s)	4
Oval ID(s)	12
CPE ID(s)	92
Snort® Rule(s)	3
Nessus® Exploit(s)	36

	Related
8.5	CVE-2014-4345
7.8	CVE-2014-4344
5	CVE-2014-4342
5	CVE-2014-4341
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)