Lucene search
+L

851 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-11368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests...

6.5CVSS6.8AI score0.02397EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.11 views

Azure Linux 3.0 Security Update: heimdal / samba (CVE-2022-41916)

The version of heimdal / samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41916 advisory. - Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerab...

7.5CVSS6.2AI score0.00891EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/13 3:58 p.m.15 views

Important: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

9CVSS7.2AI score0.14859EPSS
Exploits2References2
Rockylinux
Rockylinux
added 2024/11/08 3:56 p.m.24 views

krb5 security update

An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...

9CVSS7.5AI score0.14859EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.4 views

PT-2024-40628 · Git +1 · Krb5

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of Use-of-uninitialized-value. The crash state involves the k5 hashtab add and insert entry functions in the fuzz...

6.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/04 1:44 a.m.19 views

Important: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havi...

9CVSS7.2AI score0.14859EPSS
Exploits2References2
Redos
Redos
added 2024/08/12 12:0 a.m.16 views

ROS-20240812-01

The vulnerability in the Kerberos 5 Heimdal implementation is due to bugs in the Heimdal PKI certificate checks, affecting KDC via PKINIT and kinit via PKINIT, as well as any third-party applications, that utilize libhx509 Heimdal. Exploitation of the vulnerability could allow an attacker acting...

7.5CVSS6.8AI score0.00891EPSS
Exploits0
Redos
Redos
added 2024/07/24 12:0 a.m.23 views

ROS-20240723-01

A vulnerability in the Key Distribution Center KDC component of the Kerberos network authentication protocol is associated with the NULL pointer dereferencing. Exploitation of the vulnerability allows an attacker acting remotely, cause a denial of service...

7.5CVSS6.9AI score0.10276EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/07/15 9:4 a.m.65 views

Advisory ROSA-SA-2024-2451

Software: samba 4.12.3 OS: ROSA Virtualization 2.1 packageevrstring: samba-4.12.3 CVE-ID: CVE-2020-25722 BDU-ID: 2022-00004 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Active Directory Domain Controller component of the Samba networking software package is caused by a buffer overflow...

9.8CVSS8.1AI score0.7372EPSS
Exploits2
OSV
OSV
added 2024/05/20 6:9 p.m.8 views

SUSE-SU-2024:1702-1 Security update for krb5

This update for krb5 fixes the following issues: Fixed inside previous release v1.16.3-46.3.1: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacked a server field bsc1189929...

6.5CVSS6.8AI score0.02166EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.4 views

MIT Kerberos Security Vulnerability

MIT Kerberos is a Massachusetts Institute of Technology MIT software for authentication in network clusters.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability...

5.5CVSS8.1AI score0.00437EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2024/02/02 5:49 a.m.37 views

K000138461: MIT Kerberos 5 vulnerability CVE-2023-39975

Security Advisory Description kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. CVE-2023-39975 Impact There is no impact...

8.8CVSS7.2AI score0.01229EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/26 12:0 a.m.25 views

RHEL 8 : idm:DL1 (RHSA-2024:0137)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0137 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

9CVSS6.9AI score0.13794EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/01/15 3:53 p.m.53 views

Moderate: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

9CVSS6.7AI score0.13794EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/13 12:0 a.m.38 views

Oracle Linux 8 : idm:DL1 (ELSA-2024-0143)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0143 advisory. - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455 ipa-healthcheck opendnssec python-jwcrypto python-kdcproxy Tenable has extracted the precedin...

9CVSS6.8AI score0.13794EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.55 views

RHEL 8 : idm:DL1 (RHSA-2024:0143)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0143 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

9CVSS6.9AI score0.13794EPSS
Exploits0References7
Microsoft KB
Microsoft KB
added 2024/01/09 8:0 a.m.495 views

January 9, 2024—KB5034127 (OS Build 17763.5329) - EXPIRED

None None...

8.8CVSS6.8AI score0.22773EPSS
Exploits6
SUSE CVE
SUSE CVE
added 2023/11/18 1:50 a.m.3 views

SUSE CVE-2023-39975

kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...

8.8CVSS8AI score0.01229EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2023/11/11 12:0 a.m.43 views

krb5 security and bug fix update

1.21.1-1.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-1 - New upstream version 1.21.1 - Fix double-free in KDC TGS processing CVE-2023-39975 - Add support for 'pacprivsvrenctype' KDB string attribute Resolves: rhbz2060421...

8.8CVSS6.9AI score0.02791EPSS
Exploits0
OSV
OSV
added 2023/11/07 12:0 a.m.28 views

ALSA-2023:6699 Moderate: krb5 security and bug fix update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

8.8CVSS7.2AI score0.02791EPSS
Exploits0References6
Rows per page
Query Builder