Summary
| Detail | |||
|---|---|---|---|
| Vendor | Mit | First view | 2002-11-04 |
| Product | Kerberos 5 | Last view | 2021-08-23 |
| Version | 1.2.3 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:mit:kerberos_5 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.5 | 2021-08-23 | CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. |
| 7.5 | 2021-07-22 | CVE-2021-36222 | ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. |
| 7.5 | 2020-11-06 | CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. |
| 7.5 | 2019-09-26 | CVE-2019-14844 | A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. |
| 6.5 | 2018-07-26 | CVE-2017-7562 | An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances. |
| 6.5 | 2018-01-16 | CVE-2018-5710 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. |
| 7.5 | 2018-01-16 | CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. |
| 9.8 | 2017-11-23 | CVE-2017-15088 | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat. |
| 5.3 | 2016-03-25 | CVE-2016-3119 | The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal. |
| 6.5 | 2016-02-12 | CVE-2015-8631 | Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. |
| 5.3 | 2016-02-12 | CVE-2015-8629 | The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string. |
| 4 | 2015-11-08 | CVE-2015-2697 | The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. |
| 7.1 | 2015-11-08 | CVE-2015-2696 | lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. |
| 5 | 2015-11-08 | CVE-2015-2695 | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. |
| 5 | 2015-02-20 | CVE-2014-5355 | MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c. |
| 3.5 | 2014-12-16 | CVE-2014-5353 | The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. |
| 5 | 2014-07-20 | CVE-2014-4341 | MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session. |
| 4.3 | 2013-11-17 | CVE-2013-1418 | The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. |
| 5 | 2013-05-29 | CVE-2002-2443 | schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. |
| 4 | 2013-04-19 | CVE-2013-1416 | The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. |
| 5 | 2013-03-05 | CVE-2013-1415 | The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request. |
| 5 | 2013-03-04 | CVE-2012-1016 | The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted Draft 9 request. |
| 6.8 | 2010-05-19 | CVE-2010-1321 | The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. |
| 10 | 2009-04-08 | CVE-2009-0846 | The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. |
| 4.3 | 2008-03-19 | CVE-2008-0063 | The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 27% (9) | CWE-476 | NULL Pointer Dereference |
| 9% (3) | CWE-787 | Out-of-bounds Write |
| 9% (3) | CWE-415 | Double Free |
| 9% (3) | CWE-125 | Out-of-bounds Read |
| 9% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 6% (2) | CWE-399 | Resource Management Errors |
| 6% (2) | CWE-20 | Improper Input Validation |
| 3% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
| 3% (1) | CWE-763 | Release of Invalid Pointer or Reference |
| 3% (1) | CWE-674 | Uncontrolled Recursion |
| 3% (1) | CWE-306 | Missing Authentication for Critical Function |
| 3% (1) | CWE-287 | Improper Authentication |
| 3% (1) | CWE-190 | Integer Overflow or Wraparound |
| 3% (1) | CWE-189 | Numeric Errors |
| 3% (1) | CWE-18 | Source Code |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-28 | Fuzzing |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-66 | SQL Injection |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 70083 | Oracle Database MIT Kerberos 5 kg_accept_krb5 Remote Denial of Service |
| 64744 | Kerberos GSS-API AP-REQ Authenticator NULL Dereference Remote DoS |
| 53383 | MIT Kerberos 5 (krb5) ASN.1 Decoder asn1_decode_generaltime() Function Remote... |
| 43346 | MIT Kerberos 5 lib/gssapi/mechglue/g_initialize.c gss_indicate_mechs Function... |
| 43345 | MIT Kerberos 5 (krb5) lib/gssapi/krb5/k5sealv3.c gss_krb5int_make_seal_token_... |
| 43342 | MIT Kerberos 5 KDC (krb5kdc) Error Response Information Disclosure |
| 43341 | MIT Kerberos 5 KDC (krb5kdc) Arbitrary Memory Disclosure |
| 36597 | MIT Kerberos 5 RPC Library gssrpc__svcauth_unix Function Remote Code Execution |
| 36596 | MIT Kerberos 5 RPC Library gssrpc__svcauth_gssapi Function Remote Code Execution |
| 36595 | MIT Kerberos kadmind rename_principal_2_svc Function Remote Overflow |
| 34106 | MIT Kerberos telnet Crafted Username Remote Authentication Bypass |
| 34105 | MIT Kerberos 5 kadmind GSS-API Library Remote Key Database Manipulation |
| 34104 | MIT Kerberos 5 KDC krb5_klog_syslog() Function Remote Overflow |
| 31280 | MIT Kerberos GSS-API mechglue Memory Management Code Execution |
| 12533 | MIT Kerberos 5 libkadm5srv Password History Handling Overflow |
| 9409 | MIT Kerberos 5 krb524d Double-free Error Condition Code Execution |
| 9408 | MIT Kerberos 5 krb524d krb5_rd_cred() Arbitrary Code Execution |
| 9407 | MIT Kerberos 5 Double-free Error Condition Code Execution |
| 9406 | MIT Kerberos 5 ASN.1 Decoder DoS |
| 6846 | MIT Kerberos 5 krb5_aname_to_localname() Buffer Overflow |
| 5618 | Heimdal Kerberos kf / kfd Multiple Buffer Overflows |
| 4902 | MIT Kerberos 5 Key Distribution Center Heap Corruption DoS |
| 4901 | MIT Kerberos 5 KDC Array Overrun DoS |
| 4900 | Heimdal Kerberos kadmind Forwarding Daemon Overflow |
| 4896 | MIT Kerberos 5 ASN.1 Decoder Heap Corruption DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
| 2012-03-15 | Name : VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console an... File : nvt/gb_VMSA-2010-0016.nasl |
| 2012-03-15 | Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv... File : nvt/gb_VMSA-2011-0013.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
| 2011-08-09 | Name : CentOS Update for krb5-devel CESA-2009:0408 centos5 i386 File : nvt/gb_CESA-2009_0408_krb5-devel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for krb5-devel CESA-2009:0409 centos4 i386 File : nvt/gb_CESA-2009_0409_krb5-devel_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for krb5 CESA-2009:0410-01 centos2 i386 File : nvt/gb_CESA-2009_0410-01_krb5_centos2_i386.nasl |
| 2011-08-09 | Name : CentOS Update for krb5-devel CESA-2009:0410 centos3 i386 File : nvt/gb_CESA-2009_0410_krb5-devel_centos3_i386.nasl |
| 2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5343 File : nvt/gb_fedora_2011_5343_krb5_fc13.nasl |
| 2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3464 File : nvt/gb_fedora_2011_3464_krb5_fc13.nasl |
| 2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1210 File : nvt/gb_fedora_2011_1210_krb5_fc13.nasl |
| 2010-12-23 | Name : Fedora Update for krb5 FEDORA-2010-18425 File : nvt/gb_fedora_2010_18425_krb5_fc13.nasl |
| 2010-07-23 | Name : Ubuntu Update for krb5 vulnerability USN-940-2 File : nvt/gb_ubuntu_USN_940_2.nasl |
| 2010-07-12 | Name : Mandriva Update for heimdal MDVSA-2010:130 (heimdal) File : nvt/gb_mandriva_MDVSA_2010_130.nasl |
| 2010-06-03 | Name : Debian Security Advisory DSA 2052-1 (krb5) File : nvt/deb_2052_1.nasl |
| 2010-05-28 | Name : CentOS Update for krb5-devel CESA-2010:0423 centos3 i386 File : nvt/gb_CESA-2010_0423_krb5-devel_centos3_i386.nasl |
| 2010-05-28 | Name : CentOS Update for krb5-devel CESA-2010:0423 centos4 i386 File : nvt/gb_CESA-2010_0423_krb5-devel_centos4_i386.nasl |
| 2010-05-28 | Name : RedHat Update for krb5 RHSA-2010:0423-01 File : nvt/gb_RHSA-2010_0423-01_krb5.nasl |
| 2010-05-28 | Name : Fedora Update for krb5 FEDORA-2010-8796 File : nvt/gb_fedora_2010_8796_krb5_fc11.nasl |
| 2010-05-28 | Name : Fedora Update for krb5 FEDORA-2010-8805 File : nvt/gb_fedora_2010_8805_krb5_fc12.nasl |
| 2010-05-28 | Name : Mandriva Update for krb5 MDVSA-2010:100 (krb5) File : nvt/gb_mandriva_MDVSA_2010_100.nasl |
| 2010-05-28 | Name : Ubuntu Update for krb5 vulnerabilities USN-940-1 File : nvt/gb_ubuntu_USN_940_1.nasl |
| 2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
| 2010-04-30 | Name : Mandriva Update for netcdf MDVA-2010:129 (netcdf) File : nvt/gb_mandriva_MDVA_2010_129.nasl |
| 2010-04-30 | Name : Mandriva Update for rpm MDVA-2010:130 (rpm) File : nvt/gb_mandriva_MDVA_2010_130.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-B-0069 | Multiple Vulnerabilities in MIT Kerberos 5 Severity: Category I - VMSKEY: V0060811 |
| 2013-B-0130 | MIT Kerberos Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0042308 |
| 2013-B-0044 | MIT Kerberos Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0037773 |
| 2011-A-0160 | Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity: Category I - VMSKEY: V0030769 |
| 2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2015-03-27 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 8888889 - Type : SERVER-OTHER - Revision : 1 |
| 2015-03-27 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 8888888 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length den... RuleID : 52392 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length den... RuleID : 52391 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version s... RuleID : 52390 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version s... RuleID : 52389 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth vers... RuleID : 52388 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message kprop protocol bad sendauth version length d... RuleID : 52387 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version l... RuleID : 52386 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message klogin protocol bad sendauth or app version ... RuleID : 52385 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth vers... RuleID : 52384 - Type : SERVER-OTHER - Revision : 1 |
| 2019-09-24 | MIT Kerberos kpasswd UDP denial of service attempt RuleID : 51212 - Type : SERVER-OTHER - Revision : 1 |
| 2015-06-23 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 34972 - Type : SERVER-OTHER - Revision : 2 |
| 2015-06-23 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 34971 - Type : SERVER-OTHER - Revision : 2 |
| 2015-07-08 | MIT Kerberos 5 krb5_read_message denial of service attempt RuleID : 34709 - Type : SERVER-OTHER - Revision : 4 |
| 2014-01-10 | MIT Kerberos KDC prep_reprocess_req null pointer dereference attempt RuleID : 27906 - Type : SERVER-OTHER - Revision : 3 |
| 2014-01-10 | kerberos principal name overflow TCP RuleID : 2579-community - Type : SERVER-OTHER - Revision : 8 |
| 2014-01-10 | kerberos principal name overflow TCP RuleID : 2579 - Type : SERVER-OTHER - Revision : 8 |
| 2014-01-10 | kerberos principal name overflow UDP RuleID : 2578-community - Type : SERVER-OTHER - Revision : 10 |
| 2014-01-10 | kerberos principal name overflow UDP RuleID : 2578 - Type : SERVER-OTHER - Revision : 10 |
| 2014-01-10 | portmap proxy integer overflow attempt TCP RuleID : 2093-community - Type : PROTOCOL-RPC - Revision : 13 |
| 2014-01-10 | portmap proxy integer overflow attempt TCP RuleID : 2093 - Type : PROTOCOL-RPC - Revision : 13 |
| 2014-01-10 | portmap proxy integer overflow attempt UDP RuleID : 2092-community - Type : PROTOCOL-RPC - Revision : 14 |
| 2014-01-10 | portmap proxy integer overflow attempt UDP RuleID : 2092 - Type : PROTOCOL-RPC - Revision : 14 |
| 2014-01-10 | successful kadmind buffer overflow attempt RuleID : 1901-community - Type : SERVER-OTHER - Revision : 16 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-12-28 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1408.nasl - Type: ACT_GATHER_INFO |
| 2018-12-10 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1398.nasl - Type: ACT_GATHER_INFO |
| 2018-11-21 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1376.nasl - Type: ACT_GATHER_INFO |
| 2018-11-07 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1361.nasl - Type: ACT_GATHER_INFO |
| 2018-11-06 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1354.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1240.nasl - Type: ACT_GATHER_INFO |
| 2018-09-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO |
| 2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-0011.nasl - Type: ACT_GATHER_INFO |
| 2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-1_0-0093.nasl - Type: ACT_GATHER_INFO |
| 2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-2_0-0007.nasl - Type: ACT_GATHER_INFO |
| 2018-05-11 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO |
| 2018-04-27 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-0666.nasl - Type: ACT_GATHER_INFO |
| 2018-02-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-1265.nasl - Type: ACT_GATHER_INFO |
| 2018-01-19 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1007.nasl - Type: ACT_GATHER_INFO |
| 2018-01-19 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1008.nasl - Type: ACT_GATHER_INFO |
| 2018-01-15 | Name: The remote Fedora host is missing a security update. File: fedora_2017-2dd6c320a4.nasl - Type: ACT_GATHER_INFO |
| 2018-01-11 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL15552.nasl - Type: ACT_GATHER_INFO |
| 2017-11-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-1266.nasl - Type: ACT_GATHER_INFO |
| 2017-11-09 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-2948-1.nasl - Type: ACT_GATHER_INFO |
| 2017-05-01 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2016-1012.nasl - Type: ACT_GATHER_INFO |
| 2017-05-01 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2016-1076.nasl - Type: ACT_GATHER_INFO |
| 2017-02-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2017-793.nasl - Type: ACT_GATHER_INFO |
| 2016-12-15 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20161103_krb5_on_SL7_x.nasl - Type: ACT_GATHER_INFO |
| 2016-11-28 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2016-2591.nasl - Type: ACT_GATHER_INFO |
| 2016-11-21 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201611-14.nasl - Type: ACT_GATHER_INFO |
