
46 matches found

OSV
added 2026/05/28 3:43 p.m., 10 views

RLSA-2023:6699 Moderate: krb5 security and bug fix update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

CVSS 8.8, AI score 6.8, EPSS 0.02107
Exploits: 0, References: 3
Rockylinux
added 2026/05/28 3:43 p.m., 17 views

krb5 security and bug fix update

An update is available for krb5. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Kerberos is a network authentication system, which can improve the security of...

CVSS 8.8, AI score 5.8, EPSS 0.02107
Exploits: 0
ATTACKERKB
added 2026/04/13 9:11 a.m., 0 views

CVE-2026-35337

Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitted via the Nimbus Thrift API, Storm deserializes the base64-encoded TGT blob using ObjectInputStream.readObject without any class filtering or...

AI score 6.4, EPSS 0.01011
Exploits: 0, References: 2
Tenable Nessus
added 2026/01/20 12:0 a.m., 5 views

MiracleLinux 9 : krb5-1.21.1-1.el9 (AXSA:2023-6633:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6633:07 advisory. krb5: Denial of service through freeing uninitialized pointer (CVE-2023-36054); krb5: double-free in KDC TGS processing (CVE-2023-39975). Tenable has...

CVSS 8.8, AI score 7.1, EPSS 0.02107
Exploits: 0, References: 3
Tenable Nessus
added 2025/11/20 12:0 a.m., 3 views

TencentOS Server 3: idm:DL1 (TSSA-2024:0307)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0307 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 8.8, AI score 7.6, EPSS 0.02053
Exploits: 1, References: 3
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2021-26963

Malware in sbrugna...

CVSS 6.5, AI score 6.3, EPSS 0.02025
Exploits: 0, References: 12
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2010-0046

Malware in sbrugna...

CVSS 3.7, AI score 6.1, EPSS 0.00686
Exploits: 2, References: 6
RedhatCVE
added 2025/08/09 12:23 a.m., 7 views

CVE-2025-54882

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials...

CVSS 7.1, AI score 6.2, EPSS 0.00196
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 11:59 a.m., 4 views

CVE-2025-24034

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in debug logs. When debug logging is enabled, user access tokens are inadvertently logged, potentially...

CVSS 3.2, AI score 6.9, EPSS 0.00195
Exploits: 0, References: 1
Metasploit
added 2025/05/16 6:51 p.m., 390 views

Gather Ticket Granting Service (TGS) tickets for User Service Principal Names (SPN)

This module will try to find Service Principal Names that are associated with normal user accounts. Since normal accounts' passwords tend to be shorter than machine accounts, and knowing that a TGS request will encrypt the ticket with the account the SPN is running under, this could be used for a...

AI score 5.8
Exploits: 0
RedHat Linux
added 2023/11/07 8:49 a.m., 27 views

krb5: double-free in KDC TGS processing

A vulnerability was found in MIT krb5, where an authenticated attacker can cause a KDC to free the same pointer twice if it can induce a failure in authorization data handling...

CVSS 8.8, AI score 7.1, EPSS 0.01229
Exploits: 0, References: 5
OSV
added 2023/06/22 5:15 p.m., 3 views

DEBIAN-CVE-2023-3326

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate...

CVSS 9.8, AI score 8.5, EPSS 0.01098
Exploits: 0, References: 1
OSV
added 2023/06/22 5:15 p.m., 14 views

UBUNTU-CVE-2023-3326

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate...

CVSS 9.8, AI score 5.8, EPSS 0.01098
Exploits: 0, References: 4
Vulnrichment
added 2023/06/22 4:37 p.m., 21 views

CVE-2023-3326 Network authentication attack via pam_krb5

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate...

AI score 7.1, EPSS 0.01098
Exploits: 0, References: 3
SUSE CVE
added 2023/02/15 6:0 a.m., 1 views

SUSE CVE-2010-0283

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request...

CVSS 7.8, AI score 6.9, EPSS 0.02429
Exploits: 0, References: 5
Metasploit
added 2023/01/27 7:49 p.m., 709 views

Active Directory Certificate Services (ADCS) privilege escalation (Certifried)

This module exploits a privilege escalation vulnerability in Active Directory Certificate Services (ADCS) to generate a valid certificate impersonating the Domain Controller (DC) computer account. This certificate is then used to authenticate to the target as the DC account using PKINIT...

CVSS 9, AI score 7.4, EPSS 0.83277
Exploits: 8
Metasploit
added 2023/01/27 7:49 p.m., 340 views

Kerberos TGT/TGS Ticket Requester

This module requests TGT/TGS Kerberos tickets from the KDC. Module Options: msf use auxiliary/admin/kerberos/getticket msf auxiliarygetticket show actions ...actions... msf auxiliarygetticket set ACTION msf auxiliarygetticket show options ...show and set options... msf auxiliarygetticket run This...

AI score 5.3
Exploits: 0
RedHat Linux
added 2021/11/23 5:24 p.m., 2 views

krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

A flaw was found in krb5. The Key Distribution Center (KDC) in MIT Kerberos 5 has a NULL pointer dereference via a FAST inner body that lacks a server field. An authenticated attacker could use this flaw to crash the Kerberos KDC server. The highest threat from this vulnerability is to system...

CVSS 6.5, AI score 6.8, EPSS 0.02166
Exploits: 0, References: 4
OSV
added 2021/11/05 11:3 a.m., 2 views

OESA-2021-1417 samba security update

Security Fixes: A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server. (CVE-2021-3671)...

CVSS 6.5, AI score 6.6, EPSS 0.02025
Exploits: 0, References: 2
OSV
added 2021/10/12 6:15 p.m., 3 views

ALPINE-CVE-2021-3671

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server...

CVSS 6.5, AI score 6.7, EPSS 0.02025
Exploits: 0, References: 1