Lucene search
F5F5:K16442HistoryApr 15, 2015 - 12:00 a.m.
K16442 : MIT Kerberos 5 vulnerability CVE-2014-9422
2015-04-1500:00:00
my.f5.com
35
Security Advisory Description
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial “kadmind” substring, as demonstrated by a “ka/x” principal. (CVE-2014-9422)
Impact
An authenticated remote attacker may be able to gain admin privilege escalation to an ARX system configured to perform Kerberos authentication.
Related
veracode
veracode
Privilege Escalation
2019-05-02 05:13:02
Arbitrary Code Execution
2019-05-02 05:13:02
nvd
nvd
CVE-2014-9422
2015-02-19 11:59:06
prion
prion
Authorization
2015-02-19 11:59:00
cvelist
cvelist
CVE-2014-9422
2015-02-19 11:00:00
ubuntucve
ubuntucve
CVE-2014-9422
2015-02-03 00:00:00
cve
cve
CVE-2014-9422
2015-02-19 11:59:06
f5
f5
SOL16442 - MIT Kerberos 5 vulnerability CVE-2014-9422
2015-04-15 00:00:00
debiancve
debiancve
CVE-2014-9422
2015-02-19 11:59:06
freebsd
freebsd
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092
2015-02-03 00:00:00
krb5 1.12 -- New release/fix multiple vulnerabilities
2015-02-20 00:00:00
krb5 1.11 -- New release/fix multiple vulnerabilities
2015-02-25 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0257-1)
2021-06-09 00:00:00
SUSE: Security Advisory for krb5 (SUSE-SU-2015:0257-1)
2015-10-13 00:00:00
Debian Security Advisory DSA 3153-1 (krb5 - security update)
2015-02-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 7 package krb5 version 1.13-alt3
2015-02-08 00:00:00
Security fix for the ALT Linux 9 package krb5 version 1.13-alt3
2015-02-08 00:00:00
debian
debian
[SECURITY] [DSA 3153-1] krb5 security update
2015-02-03 20:50:06
[SECURITY] [DLA 146-1] krb5 security update
2015-02-07 10:52:32
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2015-02-15 18:57:20
securityvulns
securityvulns
MIT Kerberos 5 multiple security vulnerabilities
2015-02-11 00:00:00
nessus
nessus
Debian DLA-146-1 : krb5 security update
2015-03-26 00:00:00
FreeBSD : krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092 (24ce5597-acab-11e4-a847-206a8a720317)
2015-02-05 00:00:00
SuSE 11.3 Security Update : krb5 (SAT Patch Number 10282)
2015-02-12 00:00:00
osv
osv
krb5 - security update
2015-02-03 00:00:00
krb5 - security update
2015-02-07 00:00:00
suse
suse
Security update for krb5 (important)
2015-02-11 18:08:30
Security update for krb5 (important)
2015-02-16 14:05:49
Security update for krb5 (important)
2015-02-16 15:04:57
ibm
ibm
aix
aix
Multiple Security vulnerabilities in IBM NAS(kerberos)
2015-05-21 05:06:05
redhat
redhat
(RHSA-2015:0794) Moderate: krb5 security update
2015-04-09 00:00:00
(RHSA-2015:0439) Moderate: krb5 security, bug fix and enhancement update
2015-03-05 00:00:00
amazon
amazon
Medium: krb5
2015-05-05 15:44:00
centos
centos
krb5 security update
2015-04-09 11:47:52
krb5 security update
2015-03-17 13:28:30
oraclelinux
oraclelinux
krb5 security update
2015-04-09 00:00:00
krb5 security, bug fix and enhancement update
2015-03-11 00:00:00
archlinux
archlinux
krb5: multiple issues
2015-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: krb5-1.12.2-14.fc21
2015-03-12 16:33:54
[SECURITY] Fedora 21 Update: krb5-1.12.2-17.fc21
2015-06-21 00:28:50
[SECURITY] Fedora 20 Update: krb5-1.11.5-18.fc20
2015-03-09 08:18:34
ubuntu
ubuntu
Kerberos vulnerabilities
2015-02-10 00:00:00