Lucene search
K

33 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2021-36222)

ecverify in kdc/kdcpreauthec.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. This...

7.5CVSS6.8AI score0.10276EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2000-0547

Malware in sbrugna...

5CVSS6.4AI score0.02399EPSS
Exploits0References7
OSV
OSV
added 2023/06/22 5:15 p.m.16 views

CVE-2023-3326

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

9.8CVSS6.6AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.4 views

SUSE CVE-2011-0281

The unparse implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service file descriptor exhaustion and daemon hang via a principal name that triggers use of a backslash escape...

5CVSS6.8AI score0.04202EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.4 views

SUSE CVE-2011-0282

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service NULL pointer dereference or buffer over-read, and daemon crash via a crafted principal name...

5CVSS6.9AI score0.03475EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.2 views

SUSE CVE-2011-0284

Double free vulnerability in the prepareerroras function in doasreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via an edat...

7.6CVSS8AI score0.08267EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2021/04/28 1:0 p.m.193 views

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability CVE-2021-23008 in the Kerberos Key Distribution Center KDC security feature impacting F5 Big-IP application delivery services. "The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to...

9.8CVSS0.6AI score0.02358EPSS
Exploits0
MSRC
MSRC
added 2020/11/19 8:0 a.m.39 views

Kerberos KDC の脆弱性 (CVE-2020-17049) に対応するためのガイダンス

マイクロソフトは、2020 年 11 月 10 日 米国時間 に、Kerberos KDC Key Distribution Center に対する脆弱性情報 CVE-2020-17049 を公...

9CVSS7.6AI score0.13794EPSS
Exploits0
Kaspersky
Kaspersky
added 2020/11/10 12:0 a.m.52 views

KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a...

10CVSS9.9AI score0.25285EPSS
Exploits3References59
Kaspersky
Kaspersky
added 2020/11/10 12:0 a.m.109 views

KLA12004 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of...

10CVSS9.9AI score0.25285EPSS
Exploits4References89
Veracode
Veracode
added 2020/04/10 12:59 a.m.22 views

Denial Of Service (DoS)

krb5 is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed principal names that were not null terminated, when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to...

5CVSS2.6AI score0.03475EPSS
Exploits0References23Affected Software1
Veracode
Veracode
added 2020/04/10 12:59 a.m.23 views

Denial Of Service (DoS)

krb5 is vulnerable to denial of service DoS. The vulnerability exists through the way MIT Kerberos KDC processed certain principal names when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to cause the KDC to hang via a specially-crafted request...

5CVSS2.2AI score0.04202EPSS
Exploits0References24Affected Software1
Veracode
Veracode
added 2019/05/02 5:28 a.m.29 views

Denial Of Service (DoS)

Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. A memory leak flaw was found in the krb5unparsename function of the MIT Kerberos kadmind service. An authenticated attacker could...

6.5CVSS5.7AI score0.04643EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2017/12/06 3:29 p.m.2 views

ALPINE-CVE-2017-17439

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to th...

7.5CVSS7.1AI score0.03427EPSS
Exploits0References1
OSV
OSV
added 2016/08/01 2:59 a.m.2 views

ALPINE-CVE-2016-3120

The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service NU...

6.5CVSS6.6AI score0.0462EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.28 views

Amazon Linux: Security Advisory (ALAS-2011-28)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.02473EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2014/11/19 12:0 a.m.10 views

Microsoft Windows Kerberos KDC Elevation of Privilege (MS14-068; CVE-2014-6324)

A remote elevation of privilege vulnerability has been reported in Microsoft Windows Kerberos KDC. The vulnerability is due to improper validation of signatures in the Kerberos ticket. A remote attacker could use these elevated privileges to compromise any computer in the domain, including domain...

9CVSS5.8AI score0.87448EPSS
Exploits8
VulnCheck KEV
VulnCheck KEV
added 2014/11/18 12:0 a.m.6 views

VulnCheck KEV: CVE-2014-6324

The Kerberos Key Distribution Center KDC in Microsoft allows remote authenticated domain users to obtain domain administrator privileges...

9CVSS7.5AI score0.87448EPSS
Exploits8References1
Kaspersky
Kaspersky
added 2014/11/11 12:0 a.m.3770 views

KLA10601 Multiple vulnerabilities in Microsoft products

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...

10CVSS8.8AI score0.95988EPSS
Exploits172References125
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.33 views

Oracle Linux 6 : krb5 (ELSA-2011-0356)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0356 advisory. - add revised upstream patch to fix double-free in KDC while returning typed-data with errors CVE-2011-0284, 681564 Tenable has extracted the preceding...

7.6CVSS6.2AI score0.08267EPSS
Exploits0References2
Rows per page
Query Builder