16 matches found
CVE-2025-24528
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...
CVE-2025-24528
CVE-2025-24528 affects MIT Kerberos 5 (krb5) up to but not including 1.22; the issue is an integer overflow in kdb_log.c during a large update resize, which can cause an out-of-bounds write and crash the kadmind daemon after authentication. Public references consistently describe the vulnerabilit...
EUVD-2009-0920
Malware in sbrugna...
EulerOS 2.0 SP13 : krb5 (EulerOS-SA-2025-1619)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2025-1522)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2025-1423)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped...
EulerOS 2.0 SP11 : krb5 (EulerOS-SA-2025-1361)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped...
EulerOS 2.0 SP11 : krb5 (EulerOS-SA-2025-1362)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped...
krb5: overflow when calculating ulog block size
A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service...
OESA-2025-1135 krb5 security update
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Security Fixes: In MIT krb5 release 1.7 and later with incremental propagation enabled, an authenticated attacker can cause kadmind to...
UBUNTU-CVE-2025-24528
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...
FreeBSD : krb5 -- MITKRB5-SA-2011-001, kpropd denial of service (64f24a1e-66cf-11e0-9deb-f345f3aa24f0)
An advisory published by the MIT Kerberos team says: The MIT krb5 KDC database propagation daemon kpropd is vulnerable to a denial-of-service attack triggered by invalid network input. If a kpropd worker process receives invalid input that causes it to exit with an abnormal status, it can cause...
Code injection
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC)...
CVE-2009-0923
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC)...
CVE-2009-0923
The CVE-2009-0923 entry affects Solaris 10 and OpenSolaris (SNV builds 01–110) in Kerberos Incremental Propagation. It describes a remote DoS against slave KDC servers caused by issues in the master KDC, with unknown vectors. No remediation details are provided in the supplied documents; CVSSv2 b...
CVE-2009-0923
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC)...