EUVD-2000-0547

Malware in sbrugna...

EUVD-2022-35810

Malicious code in bioql PyPI...

Oracle Linux 8 : idm:DL1 (ELSA-2024-0143)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0143 advisory. - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455 ipa-healthcheck opendnssec python-jwcrypto python-kdcproxy Tenable has extracted the precedin...

Important: Red Hat Enhancement Advisory: krb5 bug fix update

An update for krb5 is now available for Red Hat Enterprise Linux 8. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to...

OPENSUSE-SU-2021:3454-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field bsc1189929...

SUSE-SU-2021:3454-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field bsc1189929...

Moderate: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

AZL-10661 CVE-2020-17049 affecting package samba 4.12.5-7

A security feature bypass vulnerability exists in the way Key Distribution Center KDC determines if a service ticket can be used for delegation via Kerberos Constrained Delegation KCD. To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service...

SUSE-SU-2016:2136-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2016-3120: KDC NULL Pointer Dereference Denial Of Service Vulnerability bsc991088...

DEBIAN-CVE-2012-1015

The kdchandleprotectednegotiation function in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute...

Moderate: Red Hat Security Advisory: krb5 security update

Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2010-4021

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."...

MIT Kerberos V5 KDC vulnerable to denial-of-service via null pointer dereference

Overview A vulnerability exists in MIT Kerberos V5 Key Distribution Center that may allow attackers to crash multiple KDC servers within the same realm. Description The MIT Kerberos V5 Key Distribution Center KDC contains a vulnerability that allows certain protocol requests to crash the KDC by...