gssapi software vulnerabilities
vulnerabilities.aspcode.net
Searching gssapi software vulnerabilities
sshd in OpenSSH before 4.2, when GSSAPIDelegate
GSSAPIDelegateCredentials
|
credentials
|
non-GSSAPI
|
delegated
|
untrusted
|
OpenSSH
|
clients
|
methods
|
exposed
|
enabled
|
before
|
allows
|
GSSAPI
|
cause
|
those
|
users
|
using
|
hosts
|
could
|
which
|
sshd
|
log
|
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Signal handler race condition in OpenSSH before
condition
|
attackers
|
OpenSSH
|
service
|
handler
|
remote
|
denial
|
Signal
|
before
|
allows
|
cause
|
race
|
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
Unspecified vulnerability in portable OpenSSH b
"authentication
|
vulnerability
|
Unspecified
|
determine
|
attackers
|
involving
|
usernames
|
platforms
|
validity
|
portable
|
vectors
|
unknown
|
OpenSSH
|
running
|
GSSAPI
|
allows
|
remote
|
abort"
|
before
|
some
|
via
|
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
The gssrpc__svcauth_gssapi function in the RPC
gssrpc__svcauth_gssapi
|
Kerberos
|
function
|
library
|
MIT
|
RPC
|
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
Software vulnerabilities results 1 to 5 of 5
Page:
1