Lucene search
Copyright (C) 2020 Greenbone AGOPENVAS:1361412562310892437HistoryNov 08, 2020 - 12:00 a.m.
Debian: Security Advisory (DLA-2437-1)
2020-11-0800:00:00
Copyright (C) 2020 Greenbone AG
plugins.openvas.org
7
debian 9 stretch
krb5
denial of service
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
High
EPSS
0.006
Percentile
78.1%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.892437");
script_cve_id("CVE-2020-28196");
script_tag(name:"creation_date", value:"2020-11-08 04:00:10 +0000 (Sun, 08 Nov 2020)");
script_version("2024-02-02T05:06:07+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:07 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-11-16 15:16:49 +0000 (Mon, 16 Nov 2020)");
script_name("Debian: Security Advisory (DLA-2437-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB9");
script_xref(name:"Advisory-ID", value:"DLA-2437-1");
script_xref(name:"URL", value:"https://www.debian.org/lts/security/2020/DLA-2437-1");
script_xref(name:"URL", value:"https://wiki.debian.org/LTS");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'krb5' package(s) announced via the DLA-2437-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"It was discovered that there was a denial of service vulnerability in the MIT Kerberos network authentication system, krb5. The lack of a limit in the ASN.1 decoder could lead to infinite recursion and allow an attacker to overrun the stack and cause the process to crash.
CVE-2020-28196
For Debian 9 Stretch, these problems have been fixed in version 1.15-1+deb9u2.
We recommend that you upgrade your krb5 packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references]");
script_tag(name:"affected", value:"'krb5' package(s) on Debian 9.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB9") {
if(!isnull(res = isdpkgvuln(pkg:"krb5-admin-server", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-doc", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-gss-samples", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-k5tls", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-kdc", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-kdc-ldap", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-kpropd", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-locales", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-multidev", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-otp", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-pkinit", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"krb5-user", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libgssapi-krb5-2", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libgssrpc4", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libk5crypto3", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkadm5clnt-mit11", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkadm5srv-mit11", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkdb5-8", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkrad-dev", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkrad0", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkrb5-3", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkrb5-dbg", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkrb5-dev", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libkrb5support0", ver:"1.15-1+deb9u2", rls:"DEB9"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
oraclelinux
oraclelinux
krb5 security update
2021-06-11 00:00:00
krb5 security update
2021-05-25 00:00:00
ubuntucve
ubuntucve
CVE-2020-28196
2020-11-06 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.2.2 : krb5 (EulerOS-SA-2021-2141)
2021-07-06 00:00:00
Debian DLA-2437-1 : krb5 security update
2020-11-09 00:00:00
RHEL 8 : krb5 (RHSA-2021:1593)
2021-05-19 00:00:00
cve
cve
CVE-2020-28196
2020-11-06 08:15:13
gentoo
gentoo
MIT Kerberos 5: Denial of service
2020-11-16 00:00:00
almalinux
almalinux
Moderate: krb5 security update
2021-05-18 05:36:22
cbl_mariner
cbl_mariner
CVE-2020-28196 affecting package krb5 1.17-4
2021-11-03 19:21:15
openvas
openvas
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1312)
2021-02-22 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1605)
2021-03-12 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1544)
2021-03-05 00:00:00
debian
debian
[SECURITY] [DSA 4795-1] krb5 security update
2020-11-21 18:19:03
[SECURITY] [DLA 2437-1] krb5 security update
2020-11-07 12:38:26
ubuntu
ubuntu
Kerberos vulnerability
2020-11-17 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: krb5-1.17-47.fc31
2020-11-21 01:52:13
[SECURITY] Fedora 32 Update: krb5-1.18.2-29.fc32
2020-11-14 01:23:43
[SECURITY] Fedora 33 Update: krb5-1.18.2-29.fc33
2020-11-09 01:13:38
debiancve
debiancve
CVE-2020-28196
2020-11-06 08:15:13
redhatcve
redhatcve
CVE-2020-28196
2020-11-24 11:22:53
suse
suse
Security update for krb5 (moderate)
2020-11-27 00:00:00
Security update for krb5 (moderate)
2020-11-26 00:00:00
rocky
rocky
krb5 security update
2021-05-18 05:36:22
prion
prion
Code injection
2020-11-06 08:15:00
osv
osv
CVE-2020-28196
2020-11-06 08:15:13
krb5 vulnerability
2020-11-17 13:35:56
krb5 - security update
2020-11-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.17.2-alt1
2020-11-24 00:00:00
mageia
mageia
Updated krb5 packages fix a security vulnerability
2021-01-14 18:13:25
veracode
veracode
Denial Of Service
2020-11-24 10:12:56
alpinelinux
alpinelinux
CVE-2020-28196
2020-11-06 08:15:13
nvd
nvd
CVE-2020-28196
2020-11-06 08:15:13
cvelist
cvelist
CVE-2020-28196
2020-11-06 07:07:38
ibm
ibm
amazon
amazon
Medium: krb5
2022-09-09 10:48:00
cloudfoundry
cloudfoundry
USN-4635-1: Kerberos vulnerability | Cloud Foundry
2021-01-12 00:00:00
redhat
redhat
(RHSA-2021:1593) Moderate: krb5 security update
2021-05-18 05:36:22
(RHSA-2021:2239) Moderate: Red Hat Virtualization Host security update [ovirt-4.4.6]
2021-06-03 08:43:27
(RHSA-2021:2705) Moderate: Release of OpenShift Serverless 1.16.0
2021-07-13 16:31:04
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2022-3.0-0342
2021-12-12 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0342
2021-12-12 00:00:00
Important Photon OS Security Update - PHSA-2021-0455
2021-11-30 00:00:00
freebsd
freebsd
MySQL -- Multiple vulnerabilities
2021-04-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
High
EPSS
0.006
Percentile
78.1%
Related for OPENVAS:1361412562310892437