Lucene search
+L

18 matches found

Cvelist
Cvelist
added 2025/04/08 5:23 p.m.21 views

CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability

...

7.5CVSS0.02017EPSS
Exploits0References1
OSV
OSV
added 2024/08/13 12:0 a.m.24 views

ALSA-2024:5312 Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

9.1CVSS8.5AI score0.01863EPSS
Exploits0References6
Microsoft KB
Microsoft KB
added 2024/01/09 8:0 a.m.200 views

January 9, 2024—KB5034129 (OS Build 20348.2227)

None None...

8.8CVSS6.8AI score0.22773EPSS
Exploits9
RedHat Linux
RedHat Linux
added 2023/05/09 10:11 a.m.44 views

Moderate: Red Hat Security Advisory: krb5 security, bug fix, and enhancement update

An update for krb5 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9CVSS6.8AI score0.13794EPSS
Exploits0References14
Microsoft KB
Microsoft KB
added 2023/01/26 8:0 a.m.332 views

November 8, 2022—KB5019970 (OS Build 10240.19567) - EXPIRED

None None...

8.8CVSS6.8AI score0.24623EPSS
Exploits1
Fedora
Fedora
added 2022/11/30 1:36 a.m.55 views

[SECURITY] Fedora 37 Update: heimdal-7.7.1-3.fc37

Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec rfc1510 and successors including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center...

9.8CVSS1.7AI score0.06419EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/11/30 12:0 a.m.37 views

Fedora: Security Advisory for heimdal (FEDORA-2022-cbbd105d08)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.9AI score0.02025EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/05/13 12:0 a.m.13 views

The vulnerability of the Kerberos KDC component of the Active Directory service for Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Kerberos KDC component of the Active Directory catalog service on Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

9CVSS7.9AI score0.83277EPSS
Exploits8References4
NCSC
NCSC
added 2021/08/23 12:0 a.m.5 views

Vulnerability fixed in Kerberos KDC

MIT has fixed a vulnerability in Kerberos. A malicious could potentially exploit the vulnerability to cause a denial-of-service cause in the KDC. -= Fedora =- Fedora has made updates available for Fedora 34. You can install these updates by using the command 'dnf' or 'yum'. More information about...

6.5CVSS8.8AI score0.02166EPSS
Exploits0
Palo Alto Networks
Palo Alto Networks
added 2020/05/13 4:0 p.m.81 views

PAN-OS: Spoofed Kerberos key distribution center authentication bypass

An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center KDC before authenticating users. This affects all forms of authentication that use ...

8.1CVSS2AI score0.01297EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/09/04 11:7 a.m.4 views

Moderate: Red Hat Bug Fix Advisory: krb5 bug fix update

Updated krb5 packages that fix one bug are now available for Red Hat Enterprise Linux 7. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients an...

5.3CVSS6.5AI score0.01417EPSS
Exploits0
OSV
OSV
added 2016/08/01 2:59 a.m.3 views

UBUNTU-CVE-2016-3120

The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service NU...

6.5CVSS6.7AI score0.0462EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/09/16 5:28 a.m.5 views

krb5: KDC remote DoS (NULL pointer dereference and daemon crash)

It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request...

4CVSS7.1AI score0.02608EPSS
Exploits0References4
Snyk
Snyk
added 2011/02/10 6:0 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service NULL pointer dereference or buffer over-read, and...

5.3CVSS7AI score0.03475EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/01/19 12:0 a.m.19 views

RedHat Update for krb5 RHSA-2010:0029-01

Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2010:0029-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

10CVSS6.1AI score0.07411EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/01/19 12:0 a.m.24 views

CentOS Update for krb5-devel CESA-2010:0029 centos4 i386

Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2010:0029 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

10CVSS6.8AI score0.07411EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/01/15 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-879-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.40345EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2010/01/06 4:57 a.m.60 views

USN-879-1: Kerberos vulnerability

Jeff Blaine, Radoslav Bodo, Jakob Haufe, and Jorgen Wahlsten discovered that the Kerberos Key Distribution Center service did not correctly verify certain network traffic. An unauthenticated remote attacker could send a specially crafted request that would cause the KDC to crash, leading to a...

5CVSS7.1AI score0.40345EPSS
Exploits1
Rows per page
Query Builder