Bugs fixes in "krb5"
Origin | Bug number | Title | Date fixed |
---|---|---|---|
CVE | CVE-2015-5355 | Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via t | 2015-11-12 |
CVE | CVE-2014-5355 | MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' charac | 2015-11-12 |
CVE | CVE-2002-2443 | schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, | 2015-11-12 |
CVE | CVE-2015-2698 | memory corruption caused due to original patch for CVE-2015-2696 | 2015-11-12 |
CVE | CVE-2015-2697 | The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a den | 2015-11-12 |
CVE | CVE-2015-2696 | lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a | 2015-11-12 |
CVE | CVE-2015-2695 | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to | 2015-11-12 |
CVE | CVE-2015-5355 | Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via t | 2015-11-12 |
CVE | CVE-2014-5355 | MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' charac | 2015-11-12 |
CVE | CVE-2002-2443 | schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, | 2015-11-12 |
CVE | CVE-2015-2698 | memory corruption caused due to original patch for CVE-2015-2696 | 2015-11-12 |
CVE | CVE-2015-2697 | The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a den | 2015-11-12 |
CVE | CVE-2015-2696 | lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a | 2015-11-12 |
CVE | CVE-2015-2695 | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to | 2015-11-12 |
CVE | CVE-2015-2694 | The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validat | 2015-11-12 |
CVE | CVE-2015-5355 | Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via t | 2015-11-12 |
CVE | CVE-2014-5355 | MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' charac | 2015-11-12 |
CVE | CVE-2015-2698 | memory corruption caused due to original patch for CVE-2015-2696 | 2015-11-12 |
CVE | CVE-2015-2697 | The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a den | 2015-11-12 |
CVE | CVE-2015-2696 | lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a | 2015-11-12 |
About
-
Send Feedback to @ubuntu_updates