38 matches found
EulerOS Virtualization 2.10.1 : krb5 (EulerOS-SA-2026-1124)
According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...
MiracleLinux 8 : krb5-1.18.2-29.el8_10 (AXSA:2024-8657:03)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8657:03 advisory. krb5: GSS message token handling CVE-2024-37371 krb5: GSS message token handling CVE-2024-37370 Tenable has extracted the preceding description bloc...
MiracleLinux 7 : krb5-1.13.2-10.el7 (AXSA:2015-622:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-622:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...
MiracleLinux 4 : krb5-1.8.2-3.AXS4.4 (AXSA:2011-37:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-37:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...
EUVD-2022-45956
Malicious code in bioql PyPI...
Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2025-1173)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1173 advisory. krb5: overflow when calculating ulog block size CVE-2025-24528 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to...
Ubuntu: Security Advisory (USN-7542-1)
The remote host is missing an update for the...
Advisory ROSA-SA-2025-2806
Software: krb5 1.18.2 OS: ROSA Virtualization 3.0 packageevrstring: krb5-1.18.2-31.0.1.rv30 CVE-ID: CVE-2024-37370 BDU-ID: 2024-07016 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the Kerberos network authentication protocol is associated with a change to the public Extra Cou...
USN-7314-1: Kerberos vulnerabilities
It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory, leading to a denial of service. CVE-2024-26458, CVE-2024-26461 It was discovered that Kerberos incorrectly handled certain memory...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Kerberos vulnerabilities (USN-7314-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7314-1 advisory. It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this...
Security Bulletin: Vulnerability in MIT Kerberos 5 (aka krb5) affects IBM watsonx Assistant for IBM Cloud Pak for Data
Summary: Potential vulnerabilities in MIT Kerberos 5 (aka krb5) have been identified that affect IBM watsonx Assistant for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2024-37370 DESCRIPTION: MIT...
RHSA-2013:0942 Red Hat Security Advisory: krb5 security update
Bulletin has no description...
Medium: krb5
Issue Overview: lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the...
Debian: Security Advisory (DLA-340-1)
The remote host is missing an update for the Debian...
SUSE-SU-2023:0014-1 Security update for samba
This update for samba fixes the following issues: Update to 4.15.13 - CVE-2022-37966 rc4-hmac Kerberos session keys issued to modern servers (bsc#1205385). - CVE-2022-37967 Kerberos constrained delegation ticket forgery possible against Samba AD DC (bsc#1205386). - CVE-2022-38023 RC4/HMAC-MD5 NetLogon...
Vulnerabilities fixed in QNAP products
QNAP has fixed several vulnerabilities in QTS, the operating system of QNAP NAS systems. The vulnerabilities are in the SAMBA and Kerberos software used within QTS. The vulnerabilities allow a remote malicious person to be able to bypass security measures and thus gain access gain...
Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Kerberos
Summary IBM has provided explicit mitigation for the following Kerberos CVEs. DataPower did not previously provide the conditions necessary to exploit these CVEs. The explicit mitigations provided here protect against possible future changes that might have made them exploitable. Vulnerability...
Security Bulletin: IBM Security Access Manager Appliance is affected by Kerberos vulnerabilities (CVE-2017-11368, CVE-2017-7562)
Summary IBM Security Access Manager Appliance has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-11368 DESCRIPTION: MIT Kerberos 5 is vulnerable to a denial of service, caused by a KDC assertion failure. By sending a specially-crafted request, a remote authenticate...
Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2810-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2810-1 advisory. It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause...
USN-2810-1 krb5 vulnerabilities
It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2002-2443 It was discovered that Kerberos...