Oracle Linux 7 : krb5 (ELSA-2024-5076)
Nessus Plugin ID 207970 with Critical Severity

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5076 advisory.

- Fix integer overflows in PAC parsing (CVE-2022-42898)
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
- Fix flaws in LDAP DN checking (CVE-2018-5729, CVE-2018-5730)
- Fix CVE-2017-7562 (certauth eku bypass)
- Fix CVE-2017-11368 (s4u2 request assertion failures)
- Fix CVE-2016-3120
- Fix CVE-2016-3119 (LDAP NULL dereference)
- Fix CVE-2015-8631, CVE-2015-8630, and CVE-2015-8629
- the rebase to krb5 1.13.1 in vers 1.13.1-0 also fixed:
  - Bug 1144498 ('Fix the race condition in the libkrb5 replay cache')
  - Bug 1163402 ('kdb5_ldap_util view_policy does not shows ticket flags on s390x and ppc64')
  - Bug 1185770 ('Missing upstream test in krb5-1.12.2: src/tests/gssapi/t_invalid.c')
  - Bug 1204211 ('CVE-2014-5355 krb5: unauthenticated denial of service in recvauth_common() and other')
- fix for CVE-2015-2694 (#1218020) 'requires_preauth bypass in PKINIT-enabled KDC'. In MIT krb5 1.12 and later, when the KDC is configured with PKINIT support, an unauthenticated remote attacker can bypass the requires_preauth flag on a client principal and obtain a ciphertext encrypted in the principal's long-term key. This ciphertext could be used to conduct an off-line dictionary attack against the user's password.
- fix for CVE-2014-5352 (#1179856) 'gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9421 (#1179857) 'kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9422 (#1179861) 'kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9423 (#1179863) 'libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)'
- fix for CVE-2014-5354 (#1174546) 'krb5: NULL pointer dereference when using keyless entries'
- fix for CVE-2014-5353 (#1174543) 'Fix LDAP misused policy name crash'
- update to 1.12.2
- drop patch for RT#7820, fixed in 1.12.2
- drop patch for #231147, fixed as RT#3277 in 1.12.2
- drop patch for RT#7818, fixed in 1.12.2
- drop patch for RT#7836, fixed in 1.12.2
- drop patch for RT#7858, fixed in 1.12.2
- drop patch for RT#7924, fixed in 1.12.2
- drop patch for RT#7926, fixed in 1.12.2
- drop patches for CVE-2014-4341/CVE-2014-4342, included in 1.12.2
- drop patch for CVE-2014-4343, included in 1.12.2
- drop patch for CVE-2014-4344, included in 1.12.2
- drop patch for CVE-2014-4345, included in 1.12.2
- incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345)
- gssapi: