New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 3.6
SynopsisThe remote openSUSE host is missing a security update.
Descriptionkrb5 was updated to fix three security issues.
Remote authenticated users could cause denial of service.
On openSUSE 13.1 and 13.2 krb5 was updated to fix the following vulnerabilities :
- bnc#910457: CVE-2014-5353: NULL pointer dereference when using a ticket policy name as password name
- bnc#918595: CVE-2014-5355: krb5: denial of service in krb5_read_message On openSUSE 13.1 krb5 was updated to fix the following vulnerability :
- bnc#910458: CVE-2014-5354: NULL pointer dereference when using keyless entries
SolutionUpdate the affected krb5 packages.