5 matches found

Github Security Blog
added 2022/05/14 1:46 a.m. | 21 views

python-kerberos vulnerable to KDC spoofing attacks

The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack...

CVSS 8.1 | AI score 6.8 | EPSS 0.02303
Exploits: 0 | References: 11 | Affected Software: 2
OSV
added 2022/05/14 1:46 a.m. | 14 views

GHSA-MFFC-9GX5-99G3 python-kerberos vulnerable to KDC spoofing attacks

The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack...

CVSS 9.2 | AI score 7.7 | EPSS 0.02303
Exploits: 0 | References: 11
The Hacker News
added 2021/04/28 1:0 p.m. | 189 views

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability (CVE-2021-23008) in the Kerberos Key Distribution Center (KDC) security feature impacting F5 Big-IP application delivery services. "The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to...

CVSS 9.8 | AI score 0.6 | EPSS 0.02358
Exploits: 0
IBM Security Bulletins
added 2020/10/08 2:25 p.m. | 35 views

Security Bulletin: IBM QRadar SIEM is vulnerable to KDC Spoofing (CVE-2019-4545)

Summary: IBM QRadar SIEM when configured to use Active Directory Authentication may be susceptible to spoofing attacks. Vulnerability Details: CVEID: CVE-2019-4545. DESCRIPTION: IBM QRadar SIEM when configured to use Active Directory Authentication may be susceptible to spoofing attacks. CVSS Base...

CVSS 7.5 | AI score 0.5 | EPSS 0.02059
Exploits: 0 | Affected Software: 1
Exploit DB
added 2000/08/28 12:0 a.m. | 22 views

Kerberos 4 4.0/5 5.0 - KDC Spoofing

source: https://www.securityfocus.com/bid/1616/info

Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service which is vulnerable to an attack whi...

AI score 7.4
Exploits: 0