Back to search
CVE-2019-3467
Published: Dec 23, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals.
| Vendor | Product | Versions |
|---|---|---|
Debian | Debian Edu | affected all versions < 2.11.10 |
References
[debian-lts-announce] 20191218 [SECURITY] [DLA 2041-1] debian-edu-config security update
mailing-list
x_refsource_MLIST
20191218 [SECURITY] [DSA 4589-1] debian-edu-config security update
mailing-list
x_refsource_BUGTRAQ
DSA-4589
vendor-advisory
x_refsource_DEBIAN
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946797
x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2019-3467
x_refsource_CONFIRM
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947459
x_refsource_CONFIRM
DSA-4595
vendor-advisory
x_refsource_DEBIAN
20191229 [SECURITY] [DSA 4595-1] debian-lan-config security update
mailing-list
x_refsource_BUGTRAQ
[debian-lts-announce] 20200115 [SECURITY] [DLA 2063-1] debian-lan-config security update
mailing-list
x_refsource_MLIST
USN-4530-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now