Summary
Detail | |||
---|---|---|---|
Vendor | Mit | First view | 1996-02-21 |
Product | Kerberos 5 | Last view | 2020-11-06 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2020-11-06 | CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. |
7.5 | 2019-09-26 | CVE-2019-14844 | A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. |
6.5 | 2018-07-26 | CVE-2017-7562 | An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances. |
3.8 | 2018-03-06 | CVE-2018-5730 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. |
4.7 | 2018-03-06 | CVE-2018-5729 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. |
6.5 | 2018-01-16 | CVE-2018-5710 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. |
7.5 | 2018-01-16 | CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. |
9.8 | 2017-11-23 | CVE-2017-15088 | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat. |
9.8 | 2017-09-13 | CVE-2017-11462 | Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error. |
6.5 | 2017-08-09 | CVE-2017-11368 | In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. |
6.5 | 2016-07-31 | CVE-2016-3120 | The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request. |
5.3 | 2016-03-25 | CVE-2016-3119 | The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal. |
6.5 | 2016-02-12 | CVE-2015-8631 | Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. |
7.5 | 2016-02-12 | CVE-2015-8630 | The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name. |
5.3 | 2016-02-12 | CVE-2015-8629 | The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string. |
8.5 | 2015-11-12 | CVE-2015-2698 | The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696. |
4 | 2015-11-08 | CVE-2015-2697 | The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. |
7.1 | 2015-11-08 | CVE-2015-2696 | lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. |
5 | 2015-11-08 | CVE-2015-2695 | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. |
5.8 | 2015-05-25 | CVE-2015-2694 | The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c. |
5 | 2015-02-20 | CVE-2014-5355 | MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c. |
5 | 2015-02-19 | CVE-2014-9423 | The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field. |
6.1 | 2015-02-19 | CVE-2014-9422 | The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal. |
9 | 2015-02-19 | CVE-2014-9421 | The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind. |
9 | 2015-02-19 | CVE-2014-5352 | The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
15% (13) | CWE-20 | Improper Input Validation |
14% (12) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
12% (10) | CWE-476 | NULL Pointer Dereference |
7% (6) | CWE-399 | Resource Management Errors |
6% (5) | CWE-415 | Double Free |
6% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
4% (4) | CWE-310 | Cryptographic Issues |
4% (4) | CWE-189 | Numeric Errors |
4% (4) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
3% (3) | CWE-787 | Out-of-bounds Write |
3% (3) | CWE-125 | Out-of-bounds Read |
1% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
1% (1) | CWE-763 | Release of Invalid Pointer or Reference |
1% (1) | CWE-674 | Uncontrolled Recursion |
1% (1) | CWE-617 | Reachable Assertion |
1% (1) | CWE-306 | Missing Authentication for Critical Function |
1% (1) | CWE-287 | Improper Authentication |
1% (1) | CWE-284 | Access Control (Authorization) Issues |
1% (1) | CWE-255 | Credentials Management |
1% (1) | CWE-200 | Information Exposure |
1% (1) | CWE-190 | Integer Overflow or Wraparound |
1% (1) | CWE-90 | Failure to Sanitize Data into LDAP Queries ('LDAP Injection') |
1% (1) | CWE-18 | Source Code |
1% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
CAPEC-7 | Blind SQL Injection |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-26 | Leveraging Race Conditions |
CAPEC-28 | Fuzzing |
CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-42 | MIME Conversion |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-52 | Embedding NULL Bytes |
CAPEC-53 | Postfix, Null Terminate, and Backslash |
CAPEC-63 | Simple Script Injection |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-66 | SQL Injection |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:1828 | Buffer Overflow in "in.telnetd"or "telnetd"Process |
oval:org.mitre.oval:def:230 | xdrmem_bytes() Integer Overflow Vulnerability |
oval:org.mitre.oval:def:1110 | Kerberos V5 Null Pointer DoS Vulnerability |
oval:org.mitre.oval:def:4430 | Kerberos 5 KDC Buffer Underrun in Principle Name Handling |
oval:org.mitre.oval:def:2536 | Kerberos 5 KDC Heap Corruption Vulnerability |
oval:org.mitre.oval:def:244 | Kerberos KDC Heap Corruption Denial of Service |
oval:org.mitre.oval:def:991 | Multiple BO Vulnerabilities in MIT Kerberos 5 |
oval:org.mitre.oval:def:724 | MIT Kerberos 5 KRB5_AName_To_Localname Multiple Principal Name Buffer Overrun... |
oval:org.mitre.oval:def:2002 | Multiple Buffer Overflows in Kerberos 5 (krb5_aname_to_localname) |
oval:org.mitre.oval:def:10295 | Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5... |
oval:org.mitre.oval:def:4936 | Kerberos 5 KDC ASN.1 Error Handling Double-free Vulnerabilities |
oval:org.mitre.oval:def:10709 | Double free vulnerabilities in the error handling code for ASN.1 decoders in ... |
oval:org.mitre.oval:def:3322 | Kerberos 5 Double-free Vulnerability in krb5_rd_cred Function |
oval:org.mitre.oval:def:10267 | Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (kr... |
oval:org.mitre.oval:def:2139 | Kerberos 5 ASN.1 Library DoS |
oval:org.mitre.oval:def:10014 | The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5... |
oval:org.mitre.oval:def:4661 | MIT Kerberos 5 Multiple Double-Free Vulnerabilities |
oval:org.mitre.oval:def:10497 | The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Lin... |
oval:org.mitre.oval:def:11911 | The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerbero... |
oval:org.mitre.oval:def:1139 | Telnet Client Information Disclosure Vulnerability |
oval:org.mitre.oval:def:11373 | Certain BSD-based Telnet clients, including those used on Solaris and SuSE Li... |
oval:org.mitre.oval:def:397 | MIT Kerberos 5 Key Distribution Center Remote Denial of Service Vulnerability |
oval:org.mitre.oval:def:10229 | MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows ... |
oval:org.mitre.oval:def:9902 | Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerber... |
oval:org.mitre.oval:def:736 | MIT Kerberos 5 Key Distribution Center Remote Denial of Service Vulnerability |
SAINT Exploits
Description | Link |
---|---|
MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
76661 | Kerberos KDC lookup_lockout_policy() Function NULL Pointer Dereference Remote... |
76660 | Kerberos KDC krb5_ldap_get_principal() Function NULL Pointer Dereference Remo... |
76659 | Kerberos KDC Multiple Function Assertation Weakness Remote DoS |
71972 | Oracle Solaris Kerberos Checksum Acceptability Weakness KDC / KRB-SAFE Messag... |
71789 | Kerberos kadmind Unspecified Packet Handling Remote DoS |
71183 | Kerberos KDC src/kdc/do_as_req.c prepare_error_as() Function AS-REQ Request D... |
70910 | Kerberos KDC Unspecified DoS |
70909 | Kerberos KDC LDAP Backend Principal Name Handling DoS |
70908 | Kerberos KDC LDAP Backend Unparse Implementation DoS |
70907 | Kerberos kpropd do_standalone() Function Unspecified DoS |
70083 | Oracle Database MIT Kerberos 5 kg_accept_krb5 Remote Denial of Service |
69610 | MIT Kerberos 5 (krb5) Checksum Acceptability Weakness KDC / KRB-SAFE Message ... |
69609 | MIT Kerberos 5 (krb5) Checksum Acceptability Weakness RC4 Key GSS Token Forge... |
69608 | MIT Kerberos 5 (krb5) RC4 Key-derivation Checksums One-byte Stream-cipher Ope... |
69607 | MIT Kerberos 5 (krb5) KDC TGS Request TGT Credentials Inner Request KrbFastRe... |
68525 | MIT Kerberos 5 (krb5) Key Distribution Center kdc_authdata.c merge_authdata F... |
64744 | Kerberos GSS-API AP-REQ Authenticator NULL Dereference Remote DoS |
63975 | Kerberos KDC kdc/do_tgs_req.c process_tgs_req() Function Ticket Validation Do... |
63569 | Kerberos src/kadmin/server/server_stubs.c init_2_svc() Function API Version N... |
63162 | MIT Kerberos 5 (krb5) SPNEGO GSS-API Mechanism lib/gssapi/spnego/spnego_mech.... |
62391 | Kerberos KDC Authorization Data Request Remote DoS |
61795 | MIT Kerberos 5 (krb5) Crypto Library AES / RC4 Decryption Functionality Malfo... |
61423 | Kerberos KDC Cross-Realm Referral kdc/do_tgs_req.c prep_reprocess_req Functio... |
53384 | MIT Kerberos 5 (krb5) SPNEGO GSS-API Mechanism Network Input Buffer Handling ... |
53383 | MIT Kerberos 5 (krb5) ASN.1 Decoder asn1_decode_generaltime() Function Remote... |
OpenVAS Exploits
id | Description |
---|---|
2012-08-30 | Name : Fedora Update for krb5 FEDORA-2012-11388 File : nvt/gb_fedora_2012_11388_krb5_fc17.nasl |
2012-08-30 | Name : Fedora Update for krb5 FEDORA-2012-2187 File : nvt/gb_fedora_2012_2187_krb5_fc17.nasl |
2012-08-30 | Name : Fedora Update for krb5 FEDORA-2012-8784 File : nvt/gb_fedora_2012_8784_krb5_fc17.nasl |
2012-08-14 | Name : Fedora Update for krb5 FEDORA-2012-11370 File : nvt/gb_fedora_2012_11370_krb5_fc16.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2518-1 (krb5) File : nvt/deb_2518_1.nasl |
2012-08-03 | Name : CentOS Update for krb5-devel CESA-2012:1131 centos6 File : nvt/gb_CESA-2012_1131_krb5-devel_centos6.nasl |
2012-08-03 | Name : RedHat Update for krb5 RHSA-2012:1131-01 File : nvt/gb_RHSA-2012_1131-01_krb5.nasl |
2012-08-03 | Name : Mandriva Update for krb5 MDVSA-2012:120 (krb5) File : nvt/gb_mandriva_MDVSA_2012_120.nasl |
2012-08-03 | Name : Ubuntu Update for krb5 USN-1520-1 File : nvt/gb_ubuntu_USN_1520_1.nasl |
2012-07-30 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 x86_64 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_x86_64.nasl |
2012-07-10 | Name : Mandriva Update for krb5 MDVSA-2012:102 (krb5) File : nvt/gb_mandriva_MDVSA_2012_102.nasl |
2012-07-09 | Name : RedHat Update for krb5 RHSA-2011:1379-01 File : nvt/gb_RHSA-2011_1379-01_krb5.nasl |
2012-06-15 | Name : Fedora Update for krb5 FEDORA-2012-8803 File : nvt/gb_fedora_2012_8803_krb5_fc16.nasl |
2012-06-15 | Name : Fedora Update for krb5 FEDORA-2012-8805 File : nvt/gb_fedora_2012_8805_krb5_fc15.nasl |
2012-06-06 | Name : RedHat Update for krb5 RHSA-2011:0356-01 File : nvt/gb_RHSA-2011_0356-01_krb5.nasl |
2012-06-06 | Name : RedHat Update for krb5 RHSA-2011:0447-01 File : nvt/gb_RHSA-2011_0447-01_krb5.nasl |
2012-06-05 | Name : RedHat Update for krb5 RHSA-2011:0200-01 File : nvt/gb_RHSA-2011_0200-01_krb5.nasl |
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2012-03-15 | Name : VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console an... File : nvt/gb_VMSA-2010-0016.nasl |
2012-03-15 | Name : VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates ... File : nvt/gb_VMSA-2011-0007.nasl |
2012-03-15 | Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv... File : nvt/gb_VMSA-2011-0013.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2379-1 (krb5) File : nvt/deb_2379_1.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0160 | Multiple Vulnerabilities in Oracle Linux and Virtualization Severity: Category I - VMSKEY: V0061123 |
2015-B-0069 | Multiple Vulnerabilities in MIT Kerberos 5 Severity: Category I - VMSKEY: V0060811 |
2013-B-0130 | MIT Kerberos Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0042308 |
2013-B-0044 | MIT Kerberos Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0037773 |
2011-A-0160 | Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity: Category I - VMSKEY: V0030769 |
2011-A-0147 | Multiple Vulnerabilities in VMware ESX and ESXi Severity: Category I - VMSKEY: V0030545 |
2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
Snort® IPS/IDS
Date | Description |
---|---|
2015-03-27 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 8888889 - Type : SERVER-OTHER - Revision : 1 |
2015-03-27 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 8888888 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length den... RuleID : 52392 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length den... RuleID : 52391 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version s... RuleID : 52390 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version s... RuleID : 52389 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth vers... RuleID : 52388 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message kprop protocol bad sendauth version length d... RuleID : 52387 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version l... RuleID : 52386 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message klogin protocol bad sendauth or app version ... RuleID : 52385 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth vers... RuleID : 52384 - Type : SERVER-OTHER - Revision : 1 |
2019-09-24 | MIT Kerberos kpasswd UDP denial of service attempt RuleID : 51212 - Type : SERVER-OTHER - Revision : 1 |
2016-03-14 | MIT Kerberos 5 IAKERB outbound token detected RuleID : 36816 - Type : SERVER-OTHER - Revision : 5 |
2016-03-14 | MIT Kerberos 5 SPNEGO incoming token detected RuleID : 36815 - Type : SERVER-OTHER - Revision : 5 |
2016-03-14 | MIT Kerberos 5 SPNEGO acceptor acc_ctx_cont denial of service attempt RuleID : 36814 - Type : SERVER-OTHER - Revision : 5 |
2015-06-23 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 34972 - Type : SERVER-OTHER - Revision : 2 |
2015-06-23 | MIT Kerberos KDC as-req sname null pointer dereference attempt RuleID : 34971 - Type : SERVER-OTHER - Revision : 2 |
2015-07-08 | MIT Kerberos 5 krb5_read_message denial of service attempt RuleID : 34709 - Type : SERVER-OTHER - Revision : 4 |
2014-11-16 | MIT Kerberos KDC TGS request cross-realm referral null pointer dereference de... RuleID : 31765 - Type : SERVER-OTHER - Revision : 4 |
2014-11-16 | MIT Kerberos KDC TGS request cross-realm referral null pointer dereference de... RuleID : 31764 - Type : SERVER-OTHER - Revision : 4 |
2014-01-10 | MIT Kerberos KDC prep_reprocess_req null pointer dereference attempt RuleID : 27906 - Type : SERVER-OTHER - Revision : 3 |
2014-01-10 | Kerberos KDC null pointer dereference denial of service attempt RuleID : 27195 - Type : SERVER-OTHER - Revision : 5 |
2014-01-10 | Kerberos KDC null pointer dereference denial of service attempt RuleID : 27194 - Type : SERVER-OTHER - Revision : 5 |
2014-01-10 | Kerberos KDC null pointer dereference denial of service attempt RuleID : 27193 - Type : SERVER-OTHER - Revision : 5 |
2014-01-10 | MIT Kerberos kpasswd process_chpw_request denial of service attempt RuleID : 26769 - Type : SERVER-OTHER - Revision : 8 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-12-28 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1408.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1425.nasl - Type: ACT_GATHER_INFO |
2018-12-20 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1129.nasl - Type: ACT_GATHER_INFO |
2018-12-10 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1398.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1376.nasl - Type: ACT_GATHER_INFO |
2018-11-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-3071.nasl - Type: ACT_GATHER_INFO |
2018-11-07 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1361.nasl - Type: ACT_GATHER_INFO |
2018-11-06 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2018-1354.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1240.nasl - Type: ACT_GATHER_INFO |
2018-09-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO |
2018-08-31 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-2_0-0087.nasl - Type: ACT_GATHER_INFO |
2018-08-21 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-1_0-0177.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-0011.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-0038.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-1_0-0093.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-2_0-0007.nasl - Type: ACT_GATHER_INFO |
2018-05-11 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO |
2018-04-27 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-0666.nasl - Type: ACT_GATHER_INFO |
2018-03-02 | Name: The remote Fedora host is missing a security update. File: fedora_2018-f97cb1c9b0.nasl - Type: ACT_GATHER_INFO |
2018-02-21 | Name: The remote Fedora host is missing a security update. File: fedora_2018-391a1f3e61.nasl - Type: ACT_GATHER_INFO |
2018-02-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-1265.nasl - Type: ACT_GATHER_INFO |
2018-01-19 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1007.nasl - Type: ACT_GATHER_INFO |
2018-01-19 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1008.nasl - Type: ACT_GATHER_INFO |
2018-01-15 | Name: The remote Fedora host is missing a security update. File: fedora_2017-2dd6c320a4.nasl - Type: ACT_GATHER_INFO |