5 matches found
CVE-2026-57915
A flaw was found in Apache Kerby. An attacker can bypass the Kerberos pre-authentication check by sending a Pre-Authentication Data PA-DATA packet with an unrecognized or unsupported type. This vulnerability allows an attacker to circumvent the initial authentication step, potentially leading to...
How Trellix Helix detects AS-REP Roasting in Active Directory
How Trellix Helix detects AS-REP Roasting in Active Directory By Adithya Chandra and Maulik Maheta · November 13, 2025 Executive Summary Adversaries use AS-REP Roasting to extract and crack password hashes from Active Directory AD accounts with Kerberos preauthentication disabled, a...
SUSE CVE-2015-2694
The kdcpreauth modules in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing 1 zero bytes of data or 2 an arbitrary realm name,...
DEBIAN-CVE-2015-2694
The kdcpreauth modules in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing 1 zero bytes of data or 2 an arbitrary realm name,...
UBUNTU-CVE-2015-2694
The kdcpreauth modules in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing 1 zero bytes of data or 2 an arbitrary realm name,...