openSUSE Security Update : krb5 (openSUSE-2015-246)
Medium Nessus Plugin ID 81965
SynopsisThe remote openSUSE host is missing a security update.
Descriptionkrb5 was updated to fix three security issues.
Remote authenticated users could cause denial of service.
On openSUSE 13.1 and 13.2 krb5 was updated to fix the following vulnerabilities :
- bnc#910457: CVE-2014-5353: NULL pointer dereference when using a ticket policy name as password name
- bnc#918595: CVE-2014-5355: krb5: denial of service in krb5_read_message On openSUSE 13.1 krb5 was updated to fix the following vulnerability :
- bnc#910458: CVE-2014-5354: NULL pointer dereference when using keyless entries
SolutionUpdate the affected krb5 packages.