- Home
- CVEs with nessus.description==The following packages have been upgraded to a newer upstream version:
krb5 (1.14.1).
Security Fix(es) :
- A NULL pointer dereference flaw was found in MIT
Kerberos kadmind service. An authenticated attacker with
permission to modify a principal entry could use this
flaw to cause kadmind to dereference a NULL pointer and
crash by supplying an empty DB argument to the
modify_principal command, if kadmind was configured to
use the LDAP KDB module. (CVE-2016-3119)
- A NULL pointer dereference flaw was found in MIT
Kerberos krb5kdc service. An authenticated attacker
could use this flaw to cause krb5kdc to dereference a
NULL pointer and crash by making an S4U2Self request, if
the restrict_anonymous_to_tgt option was set to true.
(CVE-2016-3120)
Additional Changes :
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top