40 matches found
GHSA-7J6W-VVW2-5F9C OpenBao's Kerberos Auth Method Accumulates Unaccessible Tokens
Impact: In OpenBao's Kerberos auth method on the GET handler, or when an Authorization: Negotiate header is supplied, the response includes a logical.Auth object in addition to an error message. This results in tokens being created with only the default policy, default TTL, and no entity...
Important: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
nimrm 1.2.0
nimrm is a native WinRM interactive shell client written in Nim. It's designed to be a compact and fast tool for system administration and authorized security testing. Key features include NTLM and Kerberos authentication, in-memory operations, file transfers, OPSEC awareness, and cross platform...
EulerOS 2.0 SP12 : sssd (EulerOS-SA-2026-1382)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, th...
CVE-2026-2303
The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...
AZL-77559 CVE-2026-2303 affecting package telegraf 1.31.0-12
The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...
CVE-2026-2303
The CVE-2026-2303 entry affects the mongo-go-driver CGo bindings for GSSAPI (Kerberos) authentication on Linux/macOS. The disclosed root cause is a heap out-of-bounds read in the C wrapper implementation caused by incorrect assumptions about string termination in GSSAPI: GSSAPI buffers are not gu...
K000159874: SSSD vulnerability CVE-2025-11561
Security Advisory Description: A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is...
Azure Linux 3.0 Security Update: samba (CVE-2020-25719)
The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-25719 advisory. - A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based...
MiracleLinux 4 : sssd-1.12.4-47.AXS4.4 (AXSA:2015-557:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-557:03 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...
MiracleLinux 7 : sssd-1.13.0-40.el7 (AXSA:2015-829:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-829:03 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...
SUSE-SU-2025:21144-1 Security update for mysql-connector-java
This update for mysql-connector-java fixes the following issues: - Upgrade to Version 9.3.0 - CVE-2025-30706: Fixed Connector/J vulnerability bsc1241693 - Updatable ResultSet fails with 'Parameter index out of range'. - Fixed Resultset UPDATE methods not checking validity of ResultSet. -...
Alibaba Cloud Linux 3 : 0167: sssd (ALINUX3-SA-2025:0167)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0167 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-11561: A flaw was found in the integration...
Red Hat System Security Services Daemon security vulnerability
Red Hat System Security Services Daemon is a daemon component in Linux from Red Hat USA. A security vulnerability exists in Red Hat System Security Services Daemon, which stems from a misconfiguration of the Kerberos native authentication plugin that could lead to unauthorized access or elevation...
CVE-2025-36244
IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...
Microsoft Still Uses RC4
Senator Ron Wyden has asked the Federal Trade Commission to investigate Microsoft over its continued use of the RC4 encryption algorithm. The letter talks about a hacker technique called Kerberoasting, that exploits the Kerberos authentication system...
PT-2025-37994
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 IBM VIOS versions 3.1 through 4.1 Description: IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to...
SUSE CVE-2025-38562
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generate_encryption_key. If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generate_encryption_key could happen. sess->Preauth_HashValue is...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ksmbd not properly handling sess->user references in Kerberos authentication, which could lead to reuse after...
Microsoft Windows Kerberos security vulnerability
Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation USA. Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability...