146 matches found

RedHat Linux
added 2025/11/12 3:26 p.m., 4 views

Important: Red Hat Security Advisory: python-kdcproxy security update

An update for python-kdcproxy is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.6 CVSS, 5.8 AI score, 0.00453 EPSS
Exploits: 0, References: 3

Positive Technologies
added 2025/11/12 12:0 a.m., 3 views

PT-2025-46676

Name of the Vulnerable Software and Affected Versions kdcproxy affected versions not specified Description An attacker can cause a denial-of-service condition by forcing kdcproxy to connect to a KDC server under the attacker’s control, potentially through server-side request forgery. kdcproxy doe...

8.6 CVSS, 6.7 AI score, 0.00453 EPSS
Exploits: 0, References: 33

Positive Technologies
added 2025/11/12 12:0 a.m., 2 views

PT-2025-46675

Name of the Vulnerable Software and Affected Versions kdcproxy affected versions not specified Description kdcproxy is susceptible to a server-side request forgery condition. When kdcproxy processes a request for a realm lacking defined server addresses in its configuration, it defaults to queryi...

8.6 CVSS, 6.6 AI score, 0.00453 EPSS
Exploits: 0, References: 21

CNNVD
added 2025/11/12 12:0 a.m., 2 views

kdcproxy security vulnerability

kdcproxy is a Python library open-sourced by latchset. A security vulnerability exists in kdcproxy that stems from a default query of DNS SRV records, which could lead to a server-side request forgery attack...

8.6 CVSS, 6.4 AI score, 0.00397 EPSS
Exploits: 0, References: 9

CNNVD
added 2025/11/12 12:0 a.m., 2 views

kdcproxy security vulnerability

kdcproxy is a Python library open-sourced by latchset. A security vulnerability exists in kdcproxy that stems from not enforcing TCP response length bounds, which could lead to a denial of service attack...

5.9 CVSS, 6.2 AI score, 0.00453 EPSS
Exploits: 0, References: 9

Tenable Nessus
added 2025/11/12 12:0 a.m., 3 views

RHEL 9 : python-kdcproxy (RHSA-2025:21138)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21138 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

8.6 CVSS, 5.7 AI score, 0.00453 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2025/11/12 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-59089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy...

5.9 CVSS, 5.9 AI score, 0.00453 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2025/11/12 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-59088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS...

8.6 CVSS, 7.4 AI score, 0.00397 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2025/11/12 12:0 a.m., 5 views

RHEL 9 : python-kdcproxy (RHSA-2025:21139)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21139 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

8.6 CVSS, 5.7 AI score, 0.00453 EPSS
Exploits: 0, References: 6

AlmaLinux
added 2025/11/12 12:0 a.m., 11 views

Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: python-kdcproxy: Unauthenticated SSRF via Realm-Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remot...

8.6 CVSS, 6.9 AI score, 0.00453 EPSS
Exploits: 0, References: 6

AlmaLinux
added 2025/11/12 12:0 a.m., 5 views

Important: python-kdcproxy security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.6 CVSS, 7 AI score, 0.00453 EPSS
Exploits: 0, References: 6

OSV
added 2025/11/12 12:0 a.m., 5 views

ALSA-2025:21142 Important: python-kdcproxy security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.6 CVSS, 6.8 AI score, 0.00453 EPSS
Exploits: 0, References: 6

OSV
added 2025/11/12 12:0 a.m., 5 views

ALSA-2025:21140 Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: python-kdcproxy: Unauthenticated SSRF via Realm-Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remot...

8.6 CVSS, 6.5 AI score, 0.00453 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2025/11/12 12:0 a.m., 2 views

RHEL 10 : python-kdcproxy (RHSA-2025:21142)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21142 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

8.6 CVSS, 5.7 AI score, 0.00453 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2025/11/12 12:0 a.m., 5 views

RHEL 8 : idm:DL1 (RHSA-2025:21140)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21140 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

8.6 CVSS, 5.8 AI score, 0.00453 EPSS
Exploits: 0, References: 6

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-0081

Malware in sbrugna...

7.5 CVSS, 7.4 AI score, 0.02174 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2025/10/01 12:0 a.m., 6 views

Oracle Linux 8 : idm:DL1 (ELSA-2025-17129)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-17129 advisory. bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-20.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug:...

9.1 CVSS, 5.5 AI score, 0.00511 EPSS
Exploits: 0, References: 2

Rockylinux
added 2024/06/14 1:59 p.m., 27 views

idm:DL1 security update

An update is available for module.pyusb, module.opendnssec, custodia, module.custodia, pyusb, module.python-kdcproxy, module.slapi-nis, opendnssec, python-yubico, slapi-nis, ipa-healthcheck, softhsm, module.python-qrcode, module.softhsm, module.ipa-healthcheck, python-qrcode, module.python-yubico...

5.3 CVSS, 6.7 AI score, 0.011 EPSS
Exploits: 1

Oracle linux
added 2024/06/11 12:0 a.m., 391 views

idm:DL1 security update

bind-dyndb-ldap custodia ipa 4.9.13-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-10 - kdb: apply combinatorial logic for ticket flags CVE-2024-3183 Resolves: RHEL-29927 - kdb: fix vulnerability in GCD rules handling CVE-2024-2698 Resolves: RHEL-29692...

8.8 CVSS, 6.9 AI score, 0.01938 EPSS
Exploits: 1

Tenable Nessus
added 2024/06/01 12:0 a.m., 57 views

Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa 4.9.13-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 9.4.13-9 - dcerpc: invalidate forest trust...

6.8 CVSS, 6.4 AI score, 0.0098 EPSS
Exploits: 1, References: 3