7 matches found
TencentOS Server 3: krb5 (TSSA-2025:0454)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0454 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...
EUVD-2015-2784
Malware in sbrugna...
krb5: GSS message token handling
A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper...
PT-2022-3274 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Kerberos protocol in Windows operating systems, specifically due to insufficient access restrictions. This allows a remote attacker to...
The vulnerability of the CentOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the pamkrb5-2.6.14 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out locally...
DEBIAN-CVE-2011-1530
The processtgsreq function in dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a crafted TGS request that triggers an error other than the...