Showing 1 - 7 of 7

CVE-2020-17049

Status Candidate

Overview

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.

Related Files

Red Hat Security Advisory 2024-0252-03: Posted Jan 16, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0252-03 - An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and cross site request forgery vulnerabilities.; tags | advisory, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-17049; SHA-256 | d61da2c121b751ae21f9658eb6dd9d4e748b91cf53d65ff7171ed809205f5b3c; Download | Favorite | View

Red Hat Security Advisory 2024-0143-03: Posted Jan 11, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0143-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass and cross site request forgery vulnerabilities.; tags | advisory, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-17049; SHA-256 | ed263fcd00e905feb0d56ab66b6da8c898926128807cd8730d82916278431d2d; Download | Favorite | View

Red Hat Security Advisory 2024-0139-03: Posted Jan 11, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0139-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and cross site request forgery vulnerabilities.; tags | advisory, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-17049; SHA-256 | 1c21a180228e33f381c5bb56dd3154778ba4bc784b1c29509eaacb59f1155d64; Download | Favorite | View

Red Hat Security Advisory 2024-0137-03: Posted Jan 11, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0137-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and cross site request forgery vulnerabilities.; tags | advisory, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-17049; SHA-256 | 02af0441807d42c48dd626579074780a566e0ebf93b49489088105f90f69b4a5; Download | Favorite | View

Gentoo Linux Security Advisory 202309-06: Posted Sep 18, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202309-6 - Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected.; tags | advisory, remote, root, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2007-4559, CVE-2016-2124, CVE-2020-17049, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-20251, CVE-2021-20316, CVE-2021-23192, CVE-2021-3670, CVE-2021-3738, CVE-2021-44141; SHA-256 | 6a49581d3fdfb4a2202121f6c5b6544b859edc2a8b279089f9dbccf4ce66b153; Download | Favorite | View

Red Hat Security Advisory 2023-3742-02: Posted Jun 23, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.; tags | advisory, remote, denial of service, vulnerability, sql injection; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2018-25032, CVE-2020-10735, CVE-2020-16250, CVE-2020-16251, CVE-2020-17049, CVE-2021-28861, CVE-2021-3765, CVE-2021-3807, CVE-2021-4231, CVE-2021-4235, CVE-2021-4238, CVE-2021-43519, CVE-2021-43998; SHA-256 | 80569651d5cc8033bbdb7f6416fafc8f5509382decbdaab9937ba65ff11a16de; Download | Favorite | View

Red Hat Security Advisory 2023-2570-01: Posted May 9, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2570-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include bypass and double free vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2020-17049; SHA-256 | d7f905ae4ee440bae464a26e86acadae1d7eba9c076e3793d5eeb8825d328465; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 63 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
gabe_k 3 files
liquidsky 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2020-17049

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems