9 - RHSA-2015:0439

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	krb5 security, bug fix and enhancement update

Informations
Name	RHSA-2015:0439	First vendor Publication	2015-03-05
Vendor	RedHat	Last vendor Modification	2015-03-05
Severity (Vendor)	Moderate	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score	9	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)

A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345)

A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) call the gss_process_context_token() function could use this flaw to crash that application. (CVE-2014-5352)

If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker with the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353)

A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, using specially crafted XDR packets. (CVE-2014-9421)

It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)

An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application. (CVE-2014-9423)

Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342)

A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)

Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, and CVE-2014-9423 issues. MIT Kerberos project acknowledges Nico Williams for helping with the analysis of CVE-2014-5352.

The krb5 packages have been upgraded to upstream version 1.12, which provides a number of bug fixes and enhancements, including:

* Added plug-in interfaces for principal-to-username mapping and verifying authorization to user accounts.

* When communicating with a KDC over a connected TCP or HTTPS socket, the client gives the KDC more time to reply before it transmits the request to another server. (BZ#1049709, BZ#1127995)

This update also fixes multiple bugs, for example:

* The Kerberos client library did not recognize certain exit statuses that the resolver libraries could return when looking up the addresses of servers configured in the /etc/krb5.conf file or locating Kerberos servers using DNS service location. The library could treat non-fatal return codes as fatal errors. Now, the library interprets the specific return codes correctly. (BZ#1084068, BZ#1109102)

In addition, this update adds various enhancements. Among others:

* Added support for contacting KDCs and kpasswd servers through HTTPS proxies implementing the Kerberos KDC Proxy (KKDCP) protocol. (BZ#1109919)

4. Solution:

All krb5 users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1084068 - ipv6 address handling in krb5.conf 1102837 - Please backport improved GSSAPI mech configuration 1109102 - Kerberos does not handle incorrect Active Directory DNS SRV entries correctly 1109919 - Backport https support into libkrb5 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext 1118347 - ksu non-functional, gets invalid argument copying cred cache 1120581 - CVE-2014-4342 krb5: denial of service flaws when handling RFC 1964 tokens 1121789 - CVE-2014-4343: use-after-free crash in SPNEGO 1121876 - CVE-2014-4343 krb5: double-free flaw in SPNEGO initiators 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens 1127995 - aggressive kinit timeout causes AS_REQ resent and subsequent OTP auth failure 1128157 - CVE-2014-4345 krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) 1166012 - libkadmclnt SONAME change (8 to 9) in krb5 1.12 update 1174543 - CVE-2014-5353 krb5: NULL pointer dereference when using a ticket policy name as a password policy name 1179856 - CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001) 1179857 - CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001) 1179861 - CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001) 1179863 - CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001) 1184629 - kinit loops on principals on unknown error

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2015-0439.html

CWE : Common Weakness Enumeration

%	Id	Name
25 %	CWE-476	NULL Pointer Dereference
12 %	CWE-415	Double Free
12 %	CWE-284	Access Control (Authorization) Issues
12 %	CWE-200	Information Exposure
12 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
12 %	CWE-125	Out-of-bounds Read
12 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:25491

Oval ID:	oval:org.mitre.oval:def:25491
Title:	DSA-3000-1 krb5 - security update
Description:	Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos.
Family:	unix	Class:	patch
Reference(s):	DSA-3000-1 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	krb5
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND krb5 DPKG is earlier than 0:1.10.1+dfsg-5+deb7u2

Definition Id: oval:org.mitre.oval:def:25901

Oval ID:	oval:org.mitre.oval:def:25901
Title:	SUSE-SU-2014:1028-1 -- Security update for krb5
Description:	This MIT krb5 update fixes a buffer overrun problem in kadmind.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1028-1 CVE-2014-4345	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.62.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.62.1

Definition Id: oval:org.mitre.oval:def:26458

Oval ID:	oval:org.mitre.oval:def:26458
Title:	USN-2310-1 -- krb5 vulnerabilities
Description:	Several security issues were fixed in Kerberos.
Family:	unix	Class:	patch
Reference(s):	USN-2310-1 CVE-2012-1016 CVE-2013-1415 CVE-2013-1416 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04	Product(s):	krb5
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section krb5-admin-server DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-kdc DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-kdc-ldap DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-otp DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-pkinit DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND krb5-user DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libgssapi-krb5-2 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libgssrpc4 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libk5crypto3 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkadm5clnt-mit9 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkadm5srv-mit9 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkdb5-7 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkrad0 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkrb5-3 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND libkrb5support0 DPKG is earlier than 0:1.12+dfsg-2ubuntu4.2 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section krb5-admin-server DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-kdc DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-kdc-ldap DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-pkinit DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND krb5-user DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libgssapi-krb5-2 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libgssrpc4 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libk5crypto3 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkadm5clnt-mit8 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkadm5srv-mit8 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkdb5-6 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkrb5-3 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND libkrb5support0 DPKG is earlier than 0:1.10+dfsg~beta1-2ubuntu0.5 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section krb5-admin-server DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-kdc DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-kdc-ldap DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-pkinit DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND krb5-user DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libgssapi-krb5-2 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libgssrpc4 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libk5crypto3 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkadm5clnt-mit7 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkadm5srv-mit7 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkdb5-4 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkrb5-3 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13 AND libkrb5support0 DPKG is earlier than 0:1.8.1+dfsg-2ubuntu0.13

Definition Id: oval:org.mitre.oval:def:26718

Oval ID:	oval:org.mitre.oval:def:26718
Title:	RHSA-2014:1255: krb5 security update (Moderate)
Description:	Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1255-00 CVE-2014-4345 CESA-2014:1255	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	krb5
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND krb5-debuginfo is earlier than 0:1.6.1-80.el5_11 AND Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section krb5-devel is earlier than 0:1.6.1-80.el5_11 AND krb5-server is earlier than 0:1.6.1-80.el5_11 AND krb5-server-ldap is earlier than 0:1.6.1-80.el5_11 AND krb5-libs is earlier than 0:1.6.1-80.el5_11 AND krb5-workstation is earlier than 0:1.6.1-80.el5_11

Definition Id: oval:org.mitre.oval:def:26722

Oval ID:	oval:org.mitre.oval:def:26722
Title:	AIX NAS null deref in SPNEGO acceptor
Description:	The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-4344	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets krb5.server.rte equals 1.5.0.3 AND krb5.server.rte equals 1.5.0.4 AND krb5.server.rte equals 1.6.0.1 AND krb5.client.rte equals 1.5.0.3 AND krb5.client.rte equals 1.5.0.4 AND krb5.client.rte equals 1.6.0.1

Definition Id: oval:org.mitre.oval:def:26777

Oval ID:	oval:org.mitre.oval:def:26777
Title:	RHSA-2014:1245: krb5 security and bug fix update (Moderate)
Description:	Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A man-in-the-middle attacker with a valid Kerberos ticket who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application. (CVE-2014-4341) This update also fixes the following bugs: * Prior to this update, the libkrb5 library occasionally attempted to free already freed memory when encrypting credentials. As a consequence, the calling process terminated unexpectedly with a segmentation fault. With this update, libkrb5 frees memory correctly, which allows the credentials to be encrypted appropriately and thus prevents the mentioned crash. (BZ#1004632) * Previously, when the krb5 client library was waiting for a response from a server, the timeout variable in certain cases became a negative number. Consequently, the client could enter a loop while checking for responses. With this update, the client logic has been modified and the described error no longer occurs. (BZ#1089732) All krb5 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1245-00 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4344 CESA-2014:1245	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	krb5
Definition Synopsis:
Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND krb5-debuginfo is earlier than 0:1.6.1-78.el5 AND Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section krb5-devel is earlier than 0:1.6.1-78.el5 AND krb5-server is earlier than 0:1.6.1-78.el5 AND krb5-server-ldap is earlier than 0:1.6.1-78.el5 AND krb5-libs is earlier than 0:1.6.1-78.el5 AND krb5-workstation is earlier than 0:1.6.1-78.el5

Definition Id: oval:org.mitre.oval:def:26809

Oval ID:	oval:org.mitre.oval:def:26809
Title:	SUSE-SU-2014:0989-1 -- Security update for krb5
Description:	The several security issues have been fixed in kerberos 5.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0989-1 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.60.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.60.1

Definition Id: oval:org.mitre.oval:def:26856

Oval ID:	oval:org.mitre.oval:def:26856
Title:	ELSA-2014-1255 -- krb5 security update (Moderate)
Description:	Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center (KDC). A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1255 CVE-2014-4345	Version:	3
Platform(s):	Oracle Linux 5	Product(s):	krb5
Definition Synopsis:
Oracle Linux 5.x Packages match section krb5-devel RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-libs RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-server RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-server-ldap RPM is earlier than 0:1.6.1-80.el5_11 AND krb5-workstation RPM is earlier than 0:1.6.1-80.el5_11

Definition Id: oval:org.mitre.oval:def:26907

Oval ID:	oval:org.mitre.oval:def:26907
Title:	DEPRECATED: SUSE-SU-2014:1028-1 -- Security update for krb5
Description:	This MIT krb5 update fixes a buffer overrun problem in kadmind.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1028-1 CVE-2014-4345	Version:	4
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.62.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.62.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.62.1

Definition Id: oval:org.mitre.oval:def:26912

Oval ID:	oval:org.mitre.oval:def:26912
Title:	AIX NAS denial of service vulnerability
Description:	MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-4341	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.5.0.0 AND krb5.server.rte less than or equal 1.6.0.1 OR File Version Exists krb5.client.rte greater than or equal 1.5.0.0 AND krb5.client.rte less than or equal 1.6.0.1

Definition Id: oval:org.mitre.oval:def:26917

Oval ID:	oval:org.mitre.oval:def:26917
Title:	RHSA-2014:1389: krb5 security and bug fix update (Moderate)
Description:	Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342) A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343) These updated krb5 packages also include several bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.6 Technical Notes, linked to in the References section, for information on the most significant of these changes. All krb5 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1389-01 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CESA-2014:1389	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	krb5
Definition Synopsis:
Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND krb5-debuginfo is earlier than 0:1.10.3-33.el6 AND Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section krb5-devel is earlier than 0:1.10.3-33.el6 AND krb5-libs is earlier than 0:1.10.3-33.el6 AND krb5-pkinit-openssl is earlier than 0:1.10.3-33.el6 AND krb5-server is earlier than 0:1.10.3-33.el6 AND krb5-server-ldap is earlier than 0:1.10.3-33.el6 AND krb5-workstation is earlier than 0:1.10.3-33.el6

Definition Id: oval:org.mitre.oval:def:26961

Oval ID:	oval:org.mitre.oval:def:26961
Title:	AIX NAS double-free in SPNEGO
Description:	Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-4343	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets krb5.server.rte equals 1.5.0.3 AND krb5.server.rte equals 1.5.0.4 AND krb5.server.rte equals 1.6.0.1 AND krb5.client.rte equals 1.5.0.3 AND krb5.client.rte equals 1.5.0.4 AND krb5.client.rte equals 1.6.0.1

Definition Id: oval:org.mitre.oval:def:27019

Oval ID:	oval:org.mitre.oval:def:27019
Title:	DEPRECATED: SUSE-SU-2014:0989-1 -- Security update for krb5
Description:	The several security issues have been fixed in kerberos 5.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0989-1 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344	Version:	4
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	krb5
Definition Synopsis:
SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11 release section Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section krb5 RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-client RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-32bit RPM is earlier than 0:1.6.3-133.49.60.1 AND SUSE Linux Enterprise Server 11 release section SUSE Linux Enterprise Server 11.x is installed Packages match section krb5-apps-clients RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-apps-servers RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-kdb-ldap RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-plugin-preauth-pkinit RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-server RPM is earlier than 0:1.6.3-133.49.60.1 AND krb5-doc RPM is earlier than 0:1.6.3-133.49.60.1

Definition Id: oval:org.mitre.oval:def:27032

Oval ID:	oval:org.mitre.oval:def:27032
Title:	ELSA-2014-1389 -- krb5 security and bug fix update
Description:	[1.10.3-33] - actually apply that last patch [1.10.3-32] - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345, #1128157) [1.10.3-31] - ksu: when evaluating .k5users, don't throw away data from .k5users when we're not passed a command to run, which implicitly means we're attempting to run the target user's shell (#1026721, revised) [1.10.3-30] - ksu: when evaluating .k5users, treat lines with just a principal name as if they contained the principal name followed by '*', and don't throw away data from .k5users when we're not passed a command to run, which implicitly means we're attempting to run the target user's shell (#1026721, revised) [1.10.3-29] - gssapi: pull in upstream fix for a possible NULL dereference in spnego (CVE-2014-4344, #1121510) - gssapi: pull in proposed-and-accepted fix for a double free in initiators (David Woodhouse, CVE-2014-4343, #1121510) [1.10.3-28] - correct a type mistake in the backported fix for CVE-2013-1418/CVE-2013-6800 [1.10.3-27] - pull in backported fix for denial of service by injection of malformed GSSAPI tokens (CVE-2014-4341, CVE-2014-4342, #1121510) - incorporate backported patch for remote crash of KDCs which serve multiple realms simultaneously (RT#7756, CVE-2013-1418/CVE-2013-6800, more of [1.10.3-26] - pull in backport of patch to not subsequently always require that responses come from master KDCs if we get one from a master somewhere along the way while chasing referrals (RT#7650, #1113652) [1.10.3-25] - ksu: if the -e flag isn't used, use the target user's shell when checking for authorization via the target user's .k5users file (#1026721) [1.10.3-24] - define _GNU_SOURCE in files where we use EAI_NODATA, to make sure that it's declared (#1059730) [1.10.3-23] - spnego: pull in patch from master to restore preserving the OID of the mechanism the initiator requested when we have multiple OIDs for the same mechanism, so that we reply using the same mechanism OID and the initiator doesn't get confused (#1087068, RT#7858) [1.10.3-22] - add patch from Jatin Nansi to avoid attempting to clear memory at the NULL address if krb5_encrypt_helper() returns an error when called from encrypt_credencpart() (#1055329, pull #158) [1.10.3-21] - drop patch to add additional access() checks to ksu - they shouldn't be resulting in any benefit [1.10.3-20] - apply patch from Nikolai Kondrashov to pass a default realm set in /etc/sysconfig/krb5kdc to the kdb_check_weak helper, so that it doesn't produce an error if there isn't one set in krb5.conf (#1009389) [1.10.3-19] - packaging: don't Obsoletes: older versions of krb5-pkinit-openssl and virtual Provide: krb5-pkinit-openssl on EL6, where we don't need to bother with any of that (#1001961) [1.10.3-18] - pkinit: backport tweaks to avoid trying to call the prompter callback when one isn't set (part of #965721) - pkinit: backport the ability to use a prompter callback to prompt for a password when reading private keys (the rest of #965721) [1.10.3-17] - backport fix to not spin on a short read when reading the length of a response over TCP (RT#7508, #922884) [1.10.3-16] - backport fix for trying all compatible keys when not being strict about acceptor names while reading AP-REQs (RT#7883, #1070244)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1389 CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4344 CVE-2014-4345 CVE-2014-4342 CVE-2014-4343	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	krb5 krb5-devel krb5-libs krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation
Definition Synopsis:
Oracle Linux 6.x Packages match section krb5 is earlier than 0:1.10.3-33.el6 AND krb5-devel is earlier than 0:1.10.3-33.el6 AND krb5-libs is earlier than 0:1.10.3-33.el6 AND krb5-pkinit-openssl is earlier than 0:1.10.3-33.el6 AND krb5-server is earlier than 0:1.10.3-33.el6 AND krb5-server-ldap is earlier than 0:1.10.3-33.el6 AND krb5-workstation is earlier than 0:1.10.3-33.el6

Definition Id: oval:org.mitre.oval:def:28572

Oval ID:	oval:org.mitre.oval:def:28572
Title:	AIX NAS Denial of Service via malformed XDR data
Description:	The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-9421	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

Definition Id: oval:org.mitre.oval:def:28597

Oval ID:	oval:org.mitre.oval:def:28597
Title:	AIX NAS allows remote users to obtain administrative access by leveraging access to a two-component principal
Description:	The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-9422	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

Definition Id: oval:org.mitre.oval:def:29035

Oval ID:	oval:org.mitre.oval:def:29035
Title:	AIX NAS denial of service vulnerability
Description:	The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-5352	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

Definition Id: oval:org.mitre.oval:def:29181

Oval ID:	oval:org.mitre.oval:def:29181
Title:	AIX NAS allows remote users to obtain sensitive information from process heap memory
Description:	The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-9423	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mit Kerberos cpe:2.3:a:mit:kerberos:5-1.8:alpha1:::::: cpe:2.3:a:mit:kerberos:5-1.10.7:::::::* cpe:2.3:a:mit:kerberos:5-1.10.6:::::::* cpe:2.3:a:mit:kerberos:5-1.10.5:::::::*	4
Application	Mit Kerberos 5 cpe:2.3:a:mit:kerberos_5:1.9.4:::::::* cpe:2.3:a:mit:kerberos_5:1.9.3:::::::* cpe:2.3:a:mit:kerberos_5:1.9.2:::::::* cpe:2.3:a:mit:kerberos_5:1.9.1:::::::* cpe:2.3:a:mit:kerberos_5:1.9:::::::* cpe:2.3:a:mit:kerberos_5:1.8.6:::::::* cpe:2.3:a:mit:kerberos_5:1.8.5:::::::* cpe:2.3:a:mit:kerberos_5:1.8.4:::::::* cpe:2.3:a:mit:kerberos_5:1.8.3:::::::* cpe:2.3:a:mit:kerberos_5:1.8.2:::::::* cpe:2.3:a:mit:kerberos_5:1.8.1:::::::* cpe:2.3:a:mit:kerberos_5:1.8:::::::* cpe:2.3:a:mit:kerberos_5:1.7.1:::::::* cpe:2.3:a:mit:kerberos_5:1.7:::::::* cpe:2.3:a:mit:kerberos_5:1.6.3_kdc:::::::* cpe:2.3:a:mit:kerberos_5:1.6.3:::::::* cpe:2.3:a:mit:kerberos_5:1.6.2:::::::* cpe:2.3:a:mit:kerberos_5:1.6.1:::::::* cpe:2.3:a:mit:kerberos_5:1.6:::::::* cpe:2.3:a:mit:kerberos_5:1.5.3:::::::* cpe:2.3:a:mit:kerberos_5:1.5.2:::::::* cpe:2.3:a:mit:kerberos_5:1.5.1:::::::* cpe:2.3:a:mit:kerberos_5:1.5:::::::* cpe:2.3:a:mit:kerberos_5:1.4.4:::::::* cpe:2.3:a:mit:kerberos_5:1.4.3:::::::* cpe:2.3:a:mit:kerberos_5:1.4.2:::::::* cpe:2.3:a:mit:kerberos_5:1.4.1:::::::* cpe:2.3:a:mit:kerberos_5:1.4:::::::* cpe:2.3:a:mit:kerberos_5:1.3.6:::::::* cpe:2.3:a:mit:kerberos_5:1.3.5:::::::* cpe:2.3:a:mit:kerberos_5:1.3.4:::::::* cpe:2.3:a:mit:kerberos_5:1.3.3:::::::* cpe:2.3:a:mit:kerberos_5:1.3.2:::::::* cpe:2.3:a:mit:kerberos_5:1.3.1:::::::* cpe:2.3:a:mit:kerberos_5:1.3:alpha1:::::: cpe:2.3:a:mit:kerberos_5:1.3:-:::::: cpe:2.3:a:mit:kerberos_5:1.2.8:::::::* cpe:2.3:a:mit:kerberos_5:1.2.7:::::::* cpe:2.3:a:mit:kerberos_5:1.2.6:::::::* cpe:2.3:a:mit:kerberos_5:1.2.5:::::::* cpe:2.3:a:mit:kerberos_5:1.2.4:::::::* cpe:2.3:a:mit:kerberos_5:1.2.3:::::::* cpe:2.3:a:mit:kerberos_5:1.2.2:::::::* cpe:2.3:a:mit:kerberos_5:1.2.1:::::::* cpe:2.3:a:mit:kerberos_5:1.2:beta2:::::: cpe:2.3:a:mit:kerberos_5:1.2:beta1:::::: cpe:2.3:a:mit:kerberos_5:1.2:-:::::: cpe:2.3:a:mit:kerberos_5:1.13:::::::* cpe:2.3:a:mit:kerberos_5:1.12.5:::::::* cpe:2.3:a:mit:kerberos_5:1.12.4:::::::* cpe:2.3:a:mit:kerberos_5:1.12.3:::::::* cpe:2.3:a:mit:kerberos_5:1.12.2:::::::* cpe:2.3:a:mit:kerberos_5:1.12.1:::::::* cpe:2.3:a:mit:kerberos_5:1.12:::::::* cpe:2.3:a:mit:kerberos_5:1.11.5:::::::* cpe:2.3:a:mit:kerberos_5:1.11.4:::::::* cpe:2.3:a:mit:kerberos_5:1.11.3:::::::* cpe:2.3:a:mit:kerberos_5:1.11.2:::::::* cpe:2.3:a:mit:kerberos_5:1.11.1:::::::* cpe:2.3:a:mit:kerberos_5:1.11:::::::* cpe:2.3:a:mit:kerberos_5:1.10.4:::::::* cpe:2.3:a:mit:kerberos_5:1.10.3:::::::* cpe:2.3:a:mit:kerberos_5:1.10.2:::::::* cpe:2.3:a:mit:kerberos_5:1.10.1:::::::* cpe:2.3:a:mit:kerberos_5:1.10:::::::* cpe:2.3:a:mit:kerberos_5:1.1.1:::::::* cpe:2.3:a:mit:kerberos_5:1.1:::::::* cpe:2.3:a:mit:kerberos_5:1.0.6:::::::* cpe:2.3:a:mit:kerberos_5:1.0:-:::::: cpe:2.3:a:mit:kerberos_5:::::::: cpe:2.3:a:mit:kerberos_5:-:::::::*	71
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm::: cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::	4
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::*	1
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:22:::::::* cpe:2.3:o:fedoraproject:fedora:20:::::::*	2
Os	Opensuse cpe:2.3:o:opensuse:opensuse:13.2:::::::* cpe:2.3:o:opensuse:opensuse:13.1:::::::*	2
Os	Oracle Solaris cpe:2.3:o:oracle:solaris:11.2:::::::* cpe:2.3:o:oracle:solaris:10:::::::*	2
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*	2
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:6.6:::::::*	6
Os	Redhat Enterprise Linux Hpc Node cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*	1
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*	2
Os	Redhat Enterprise Linux Server Aus cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*	5
Os	Redhat Enterprise Linux Server Eus cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*	4
Os	Redhat Enterprise Linux Server Tus cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*	4
Os	Redhat Enterprise Linux Tus cpe:2.3:o:redhat:enterprise_linux_tus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_tus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_tus:7.3:::::::*	3
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*	2

Snort® IPS/IDS

Date	Description
2016-03-14	MIT Kerberos 5 IAKERB outbound token detected RuleID : 36816 - Revision : 5 - Type : SERVER-OTHER
2016-03-14	MIT Kerberos 5 SPNEGO incoming token detected RuleID : 36815 - Revision : 5 - Type : SERVER-OTHER
2016-03-14	MIT Kerberos 5 SPNEGO acceptor acc_ctx_cont denial of service attempt RuleID : 36814 - Revision : 5 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2018-02-01	Name : The remote Debian host is missing a security update. File : debian_DLA-1265.nasl - Type : ACT_GATHER_INFO
2018-01-11	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15552.nasl - Type : ACT_GATHER_INFO
2016-03-24	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2016-0039.nasl - Type : ACT_GATHER_INFO
2015-07-24	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1282-1.nasl - Type : ACT_GATHER_INFO
2015-07-22	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1276-1.nasl - Type : ACT_GATHER_INFO
2015-06-22	Name : The remote Fedora host is missing a security update. File : fedora_2015-7878.nasl - Type : ACT_GATHER_INFO
2015-05-28	Name : The remote AIX host has a version of NAS installed that is affected by multip... File : aix_nas_advisory3.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0290-2.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0290-1.nasl - Type : ACT_GATHER_INFO
2015-05-07	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-518.nasl - Type : ACT_GATHER_INFO
2015-04-23	Name : The remote Fedora host is missing a security update. File : fedora_2015-5949.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150409_krb5_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2015-0054.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0794.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0794.nasl - Type : ACT_GATHER_INFO
2015-04-09	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0794.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-069.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150305_krb5_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-37.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-146.nasl - Type : ACT_GATHER_INFO
2015-03-20	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-246.nasl - Type : ACT_GATHER_INFO
2015-03-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0439.nasl - Type : ACT_GATHER_INFO
2015-03-13	Name : The remote Fedora host is missing a security update. File : fedora_2015-2347.nasl - Type : ACT_GATHER_INFO
2015-03-13	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0439.nasl - Type : ACT_GATHER_INFO
2015-03-10	Name : The remote Fedora host is missing a security update. File : fedora_2015-2382.nasl - Type : ACT_GATHER_INFO
2015-03-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0439.nasl - Type : ACT_GATHER_INFO
2015-02-26	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_dbf9e66cbd5011e4a7ba206a8a720317.nasl - Type : ACT_GATHER_INFO
2015-02-23	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_63527d0db9de11e48a48206a8a720317.nasl - Type : ACT_GATHER_INFO
2015-02-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3a888a1eb32111e483b2206a8a720317.nasl - Type : ACT_GATHER_INFO
2015-02-12	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-20150206-150206.nasl - Type : ACT_GATHER_INFO
2015-02-12	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-128.nasl - Type : ACT_GATHER_INFO
2015-02-11	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2498-1.nasl - Type : ACT_GATHER_INFO
2015-02-05	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_24ce5597acab11e4a847206a8a720317.nasl - Type : ACT_GATHER_INFO
2015-02-04	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3153.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_kerberos_20141216.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_kerberos_20141120.nasl - Type : ACT_GATHER_INFO
2015-01-09	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-009.nasl - Type : ACT_GATHER_INFO
2015-01-02	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-53.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0034.nasl - Type : ACT_GATHER_INFO
2014-11-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-443.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1389.nasl - Type : ACT_GATHER_INFO
2014-11-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_krb5_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1389.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140916_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1389.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1255.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15553.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15547.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1245.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1255.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1255.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1245.nasl - Type : ACT_GATHER_INFO
2014-09-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1245.nasl - Type : ACT_GATHER_INFO
2014-09-12	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-165.nasl - Type : ACT_GATHER_INFO
2014-09-04	Name : The remote AIX host has a version of NAS installed that is affected by multip... File : aix_nas_advisory1.nasl - Type : ACT_GATHER_INFO
2014-08-27	Name : The remote Fedora host is missing a security update. File : fedora_2014-9305.nasl - Type : ACT_GATHER_INFO
2014-08-21	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-508.nasl - Type : ACT_GATHER_INFO
2014-08-16	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-140812.nasl - Type : ACT_GATHER_INFO
2014-08-15	Name : The remote Fedora host is missing a security update. File : fedora_2014-9315.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2310-1.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-140729.nasl - Type : ACT_GATHER_INFO
2014-08-12	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-486.nasl - Type : ACT_GATHER_INFO
2014-08-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3000.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote Fedora host is missing a security update. File : fedora_2014-8176.nasl - Type : ACT_GATHER_INFO
2014-08-08	Name : The remote Fedora host is missing a security update. File : fedora_2014-8189.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2015-12-05 13:27:51	Multiple Updates
2015-03-19 13:28:28	Multiple Updates
2015-03-06 13:26:05	Multiple Updates
2015-03-05 21:22:37	First insertion

Global Informations

Type	Count
CWE ID(s)	8
Oval ID(s)	18
CPE ID(s)	115
Snort® Rule(s)	3
Nessus® Exploit(s)	65

	Related
9	CVE-2014-9421
9	CVE-2014-5352
8.5	CVE-2014-4345
7.8	CVE-2014-4344
7.6	CVE-2014-4343
6.1	CVE-2014-9422
5	CVE-2014-9423
5	CVE-2014-4342
5	CVE-2014-4341
3.5	CVE-2014-5353
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)