146 matches found
Astra Linux - vulnerability in python-kdcproxy
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
MiracleLinux 9 : ipa-4.12.2-22.el9_7.3 (AXBA:2026-315:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXBA:2026-315:01 advisory. - If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the D...
TencentOS Server 3: idm:DL1 (TSSA-2025:1009)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:1009 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-kdcproxy (UTSA-2026-006154)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006154 advisory. If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), they can exploit the fact that kdcproxy does...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-kdcproxy (UTSA-2026-006138)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006138 advisory. If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone...
ROS-20260129-73-0027
Vulnerability in python-kdcproxy due to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to launch an SSRF attack...
ROS-20260129-73-0026
Vulnerability in python-kdcproxy related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
MiracleLinux 9 : python-kdcproxy-1.0.0-9.el9_7 (AXSA:2025-11449:02)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11449:02 advisory. python-kdcproxy: Unauthenticated SSRF via Realm-Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remote DoS via unbounded TCP upstream buffering...
MiracleLinux 8 : idm:DL1 (AXSA:2025-11169:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11169:01 advisory. python-kdcproxy: Unauthenticated SSRF via Realm-Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remote DoS via unbounded TCP upstream buffering...
Oracle Linux 7 : python-kdcproxy (ELSA-2025-22982)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-22982 advisory. - Use DNS discovery for declared realms only CVE-2025-59088 Orabug: 38745300 Tenable has extracted the preceding description block directly from the...
python-kdcproxy security update
0.3.2-3.0.1 - Use DNS discovery for declared realms only CVE-2025-59088 Orabug: 38745300 - Fix DoS vulnerability based on unbounded TCP buffering CVE-2025-59089...
RHSA-2025:22982 Red Hat Security Advisory: python-kdcproxy security update
Bulletin has no description...
Important: Red Hat Security Advisory: python-kdcproxy security update
An update for python-kdcproxy is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
python-kdcproxy: Remote DoS via unbounded TCP upstream buffering
If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...
RHEL 7 : python-kdcproxy (RHSA-2025:22982)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:22982 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Important: python-kdcproxy
Issue Overview: If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could...
Amazon Linux 2 : python-kdcproxy, --advisory ALAS2-2025-3085 (ALAS-2025-3085)
The version of python-kdcproxy installed on the remote host is prior to 0.3.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3085 advisory. If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by...
[SECURITY] Fedora 43 Update: python-kdcproxy-1.1.0-1.fc43
This package contains a Python WSGI module for proxying KDC requests over HTTP by following the MS-KKDCP protocol. It aims to be simple to deploy, with minimal configuration...
Fedora: Security Advisory (FEDORA-2025-3075610004)
The remote host is missing an update for the...
Fedora 41 : python-kdcproxy (2025-3075610004)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3075610004 advisory. - New upstream version 1.1.0 - Use DNS discovery for declared realms only CVE-2025-59088 - Fix DoS vulnerability based on unbounded TCP buffering...