39 matches found

Tenable Nessus
added 2026/01/19 12:0 a.m. | 4 views

MiracleLinux 4 : krb5-1.10.3-10.AXS4.2 (AXSA:2013-413:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-413:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending...

CVSS 4 | AI score 5.6 | EPSS 0.02921
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2017-8603

Malware in sbrugna...

CVSS 7.5 | AI score 7.4 | EPSS 0.03427
Exploits 0 | References 10

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-2787

Malware in sbrugna...

CVSS 4 | AI score 7.6 | EPSS 0.04128
Exploits 0 | References 16

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2009-3277

Malware in sbrugna...

CVSS 5 | AI score 6.9 | EPSS 0.40345
Exploits 1 | References 8

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-8647

Malware in sbrugna...

CVSS 7.5 | AI score 6.7 | EPSS 0.03081
Exploits 0 | References 8

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2014-5242

Malware in sbrugna...

CVSS 3.5 | AI score 6.9 | EPSS 0.04968
Exploits 0 | References 21

Tenable Nessus
added 2025/03/04 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2018-20217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryptio...

CVSS 5.3 | AI score 6.4 | EPSS 0.01527
Exploits 0 | References 2

RedHat Linux
added 2022/11/29 12:58 p.m. | 6 views

krb5: integer overflow vulnerabilities in PAC parsing

A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service t...

CVSS 8.8 | AI score 6.5 | EPSS 0.06419
Exploits 1 | References 5

RedHat Linux
added 2022/11/29 8:54 a.m. | 5 views

krb5: integer overflow vulnerabilities in PAC parsing

A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service t...

CVSS 8.8 | AI score 6.5 | EPSS 0.06419
Exploits 1 | References 5

RedHat Linux
added 2022/11/28 9:33 a.m. | 5 views

krb5: integer overflow vulnerabilities in PAC parsing

A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service t...

CVSS 8.8 | AI score 6.5 | EPSS 0.06419
Exploits 1 | References 5

Tenable Nessus
added 2019/10/11 12:0 a.m. | 31 views

Fedora 29 : krb5 (2019-dc4e1d0fb6)

Fix KDC crash when logging PKINIT enctypes CVE-2019-14844 This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

CVSS 7.5 | AI score 7.3 | EPSS 0.04436
Exploits 0 | References 2

Tenable Nessus
added 2019/10/07 12:0 a.m. | 33 views

Fedora 31 : krb5 (2019-2323661e5f)

Fix KDC crash when logging PKINIT enctypes CVE-2019-14844 This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

CVSS 7.5 | AI score 7.3 | EPSS 0.04436
Exploits 0 | References 2

CVE
added 2019/09/26 11:50 a.m. | 83 views

CVE-2019-14844

CVE-2019-14844 affects krb5 in Fedora releases (1.16.1 up to 1.17.x) where a Kerberos client could trigger a KDC crash by sending RFC 4556 enctypes. A remote unauthenticated user could crash the KDC. Remediation is available via updated krb5 packages (e.g., Fedora updates FEDORA-2019-320a5a6a68 /...

CVSS 7.5 | AI score 7.2 | EPSS 0.04436
Exploits 0 | References 6 | Affected Software 1

OSV
added 2018/11/28 2:29 p.m. | 3 views

ALPINE-CVE-2018-16853

Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore t...

CVSS 5.9 | AI score 6.9 | EPSS 0.03081
Exploits 0 | References 1

ATTACKERKB
added 2017/12/06 3:29 p.m. | 3 views

CVE-2017-17439

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to th...

CVSS 7.5 | AI score 5.7 | EPSS 0.03427
Exploits 0 | References 8

Prion
added 2017/12/06 3:29 p.m. | 16 views

Null pointer dereference

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to th...

CVSS 5 | AI score 7.4 | EPSS 0.03427
Exploits 0 | References 7 | Affected Software 2

OSV
added 2017/12/06 3:29 p.m. | 1 views

DEBIAN-CVE-2017-17439

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to th...

CVSS 7.5 | AI score 7.5 | EPSS 0.03427
Exploits 0 | References 1

Tenable Nessus
added 2016/09/02 12:0 a.m. | 27 views

Fedora 23 : krb5 (2016-f405b25923)

Bump version to 1.14.3 for the convenience of those needing the SNI fix. ---- Require krb5 to set the 'Host:' header when speaking KKDCPP. This fixes use of TLS with SNI. ---- Fix low-impact CVE-2016-3120 where S4U2Self may cause KDC crash when anon is restricted Note that Tenable Network Securit...

CVSS 6.5 | AI score 6.7 | EPSS 0.0462
Exploits 0 | References 2

Tenable Nessus
added 2016/08/02 12:0 a.m. | 28 views

Fedora 24 : krb5 (2016-0674a3c372)

Fix low-impact CVE-2016-3120 where S4U2Self may cause KDC crash when anon is restricted Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

CVSS 6.5 | AI score 6.7 | EPSS 0.0462
Exploits 0 | References 2

NVD
added 2015/11/09 3:59 a.m. | 24 views

CVE-2015-2697

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request...

CVSS 4 | AI score 8.7 | EPSS 0.04128
Exploits 0 | References 11