Lucene search
K

79 matches found

RedhatCVE
RedhatCVE
added 2025/08/15 5:30 p.m.7 views

CVE-2025-8904

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...

9CVSS7.2AI score0.00308EPSS
Exploits0References1
NVD
NVD
added 2025/08/13 6:15 p.m.7 views

CVE-2025-8904

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...

9CVSS0.00308EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/13 5:6 p.m.4 views

CVE-2025-8904 Privilege escalation issue in Amazon EMR Secret Agent component

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...

9CVSS7.1AI score0.00308EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/13 5:6 p.m.12 views

CVE-2025-8904 Privilege escalation issue in Amazon EMR Secret Agent component

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...

9CVSS0.00308EPSS
Exploits0References3
CVE
CVE
added 2025/08/13 5:6 p.m.27 views

CVE-2025-8904

The CVE-2025-8904 issue involves Amazon EMR Secret Agent storing Kerberos credentials in a keytab file under /tmp, which could be accessed by other users and lead to privilege escalation. Affected software: Amazon EMR Secret Agent component. Root cause: keytab with Kerberos credentials is written...

9CVSS7.1AI score0.00308EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/13 12:0 a.m.5 views

Amazon EMR 安全漏洞

Amazon EMR is a hosted clustering platform from Amazon.com, USA. A security vulnerability exists in Amazon EMR that stems from a keytab file stored in the /tmp/ directory that could lead to elevation of privilege...

9CVSS6.5AI score0.00308EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.5 views

PT-2025-33036

Name of the Vulnerable Software and Affected Versions: Amazon EMR versions 6.10 through 7.4 Amazon EMR version 7.5 and higher Description: Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this director...

9CVSS6.5AI score0.00308EPSS
Exploits0References14
SUSE Linux
SUSE Linux
added 2025/07/04 4:3 p.m.4 views

Security update for samba

This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...

7.6CVSS7.5AI score0.00595EPSS
Exploits0References6
OSV
OSV
added 2025/07/04 4:3 p.m.9 views

SUSE-SU-2025:02230-1 Security update for samba

This update for samba fixes the following issues: - CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: - net ad join fails with 'Failed to join domain: failed to create kerberos keytab' bsc1238063...

4.9CVSS5.8AI score0.00595EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:44 p.m.11 views

CVE-2022-29053

A missing cryptographic steps vulnerability CWE-325 in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it...

3.3CVSS6.8AI score0.00255EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.416 views

FreeIPA 4.10.1 Denial Of Service / Information Disclosure

Summary: Specially crafted HTTP requests can read files in the DC server. And use keytab files for authorization for different kerberos principals. Tested FreeIPA version: ipa-server-4.10.1 Details The "user" parameter in the HTTP URI "/sip/session/loginpassword" is inserted into the "run" functi...

7.4AI score0.0111EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.17 views

FreeBSD : FreeBSD -- Network authentication attack via pam_krb5 (9b0d9832-47c1-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9b0d9832-47c1-11ee-8e38-002590c1f29c advisory. - pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-grantin...

9.8CVSS8.3AI score0.01098EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.22 views

FreeBSD : FreeBSD -- Network authentication attack via pam_krb5 (41af0277-47bf-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 41af0277-47bf-11ee-8e38-002590c1f29c advisory. - pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-grantin...

9.8CVSS8.3AI score0.01098EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/06/23 1:45 a.m.2 views

SUSE CVE-2023-3326

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

9.8CVSS7.2AI score0.01098EPSS
Exploits0References3
OSV
OSV
added 2023/06/22 5:15 p.m.3 views

DEBIAN-CVE-2023-3326

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

9.8CVSS8.5AI score0.01098EPSS
Exploits0References1
OSV
OSV
added 2023/06/22 5:15 p.m.17 views

UBUNTU-CVE-2023-3326

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

9.8CVSS5.8AI score0.01098EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/06/22 5:15 p.m.375 views

CVE-2023-3326

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

9.8CVSS7.2AI score0.01098EPSS
Exploits0References3
Prion
Prion
added 2023/06/22 5:15 p.m.16 views

Default credentials

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

7.5CVSS9.6AI score0.01098EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/06/22 4:37 p.m.114 views

CVE-2023-3326

CVE-2023-3326 affects pam_krb5 in FreeBSD deployments where a keytab is not provisioned. The module authenticates by requesting a Kerberos TGT from KDC using the user password, but without a keytab there is no way to validate the KDC’s response, allowing an attacker who can control both the passw...

9.8CVSS9.6AI score0.01098EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2023/06/22 4:37 p.m.32 views

CVE-2023-3326

pamkrb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pamkrb5 has no way to validate...

9.8CVSS9.7AI score0.01098EPSS
Exploits0
Rows per page
Query Builder