334 matches found
Astra Linux – Vulnerability in Heimdal
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial-of-service vulnerability in Heimdal’s PKI certificate validation library. This vulnerability affects the KDC via PKINIT and kinit via PKINIT, as well as any third-party applications...
Astra Linux – Vulnerability in krb5
In kdc/kdc_preauth_ec.c of the Key Distribution Center (KDC) in MIT Kerberos 5 (also known as krb5) before version 1.18.4, and 1.19.x before version 1.19.2, remote attackers could exploit a vulnerability that led to a NULL pointer dereference and a crash of the daemon. This occurs because the...
Siemens RuggedCom Rox Use of Weak Hash (CVE-2025-3576)
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This m...
Linux Distros Unpatched Vulnerability : CVE-2026-11850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an...
CVE-2026-11850
An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an unsigned subtraction bv_len - 2 without a prior bounds check. When bv_len is 0 or 1, the subtraction wraps to a large value which is then...
CVE-2026-42914
Windows Kerberos Denial of Service Vulnerability...
RHEL 9 : krb5 (RHSA-2026:24683)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24683 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending password...
Microsoft Windows Kerberos buffer error vulnerability
Microsoft Windows Kerberos is a software developed by Microsoft for authentication in network clusters. As a network authentication protocol, its primary goal is to provide robust authentication services for client/server applications through a key system. There is a buffer error vulnerability...
RLSA-2026:19145 Important: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
Alibaba Cloud Linux 3 : 0118: krb5 (ALINUX3-SA-2026:0118)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0118 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-40355: A flaw was found in MIT...
Debian dsa-6293 : krb5-admin-server - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6293 advisory. Debian Security Advisory DSA-6293-1 https://www.debian.org/security/...
Astra Linux - Vulnerability in krb5
In MIT Kerberos 5 (also known as krb5) before version 1.18.5, and 1.19.x before version 1.19.3, the Key Distribution Center (KDC) has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field...
RHEL 9 : krb5 (RHSA-2026:19357)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19357 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending...
AlmaLinux 8 : krb5 (ALSA-2026:16799)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16799 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via NULL...
CentOS 9 : krb5-1.21.1-10.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the krb5-1.21.1-10.el9 build changelog. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls...
SUSE CVE-2026-40356
In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...
Linux Distros Unpatched Vulnerability : CVE-2026-40355
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context on a system with a NegoEx mechanism...
CVE-2026-40356
A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gss_accept_sec_context on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...
MIT Kerberos code issue vulnerability
MIT Kerberos is a software used by the Massachusetts Institute of Technology MIT for authentication in network clusters. As a network authentication protocol, its design goal is to provide robust authentication services for client/server applications through a key system. Prior to version 5.1.2.3...
MIT Kerberos numeric error vulnerability
MIT Kerberos is a software used by the Massachusetts Institute of Technology MIT for authentication in network clusters. As a network authentication protocol, its design goal is to provide robust authentication services for client/server applications through a key system. Prior to version 5.1.2.3...