32 matches found

Vulnrichment
added 2026/06/11 9:49 a.m. | 9 views

CVE-2026-11850 Krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read

An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an unsigned subtraction bv_len - 2 without a prior bounds check. When bv_len is 0 or 1, the subtraction wraps to a large value which is then...

5 CVSS | 5.4 AI score | 0.00261 EPSS
Exploits 0 | References 3
CVE
added 2026/06/11 9:49 a.m. | 42 views

CVE-2026-11850

CVE-2026-11850 affects MIT Kerberos 5; the vulnerability is an integer underflow in berval2tl_data() inside ldap_principal2.c, where unsigned bv_len - 2 lacks bounds checking. When bv_len is 0 or 1, the subtraction underflows to 0xFFFE/0xFFFF and is then memcpy’d from a 0–1 byte buffer, causing a...

5 CVSS | 5.4 AI score | 0.00261 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 3 : krb5-1.6.1-80.AXS3 (AXSA:2014-537:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-537:02 advisory. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practi...

8.5 CVSS | 7.2 AI score | 0.08085 EPSS
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2016-4172

Malware in sbrugna...

5.3 CVSS | 5.7 AI score | 0.39969 EPSS
Exploits 0 | References 13
Tenable Nessus
added 2025/03/04 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2016-3119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14....

5.3 CVSS | 6.1 AI score | 0.39969 EPSS
Exploits 0 | References 2
F5 Networks
added 2023/02/21 7:52 p.m. | 40 views

K15566: Kerberos vulnerability CVE-2014-4345

Security Advisory Description Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause...

8.5 CVSS | 7.5 AI score | 0.08085 EPSS
Exploits 0 | Affected Software 1
SUSE CVE
added 2023/02/15 5:4 a.m. | 3 views

SUSE CVE-2016-3119

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3 CVSS | 6.4 AI score | 0.39969 EPSS
Exploits 0 | References 5
OpenVAS
added 2020/01/23 12:0 a.m. | 45 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2016-1076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5 CVSS | 6.3 AI score | 0.39969 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2018/11/21 12:0 a.m. | 26 views

EulerOS Virtualization 2.5.1 : krb5 (EulerOS-SA-2018-1376)

According to the version of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a...

5.3 CVSS | 6.2 AI score | 0.39969 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2017/05/01 12:0 a.m. | 29 views

EulerOS 2.0 SP1 : krb5 (EulerOS-SA-2016-1076)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry...

6.5 CVSS | 6.4 AI score | 0.39969 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2017/02/07 12:0 a.m. | 37 views

Amazon Linux AMI : krb5 (ALAS-2017-793)

A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a NULL pointer and crash by supplying an empty DB argument to the modify_principal command, if kadmin...

6.5 CVSS | 6.3 AI score | 0.39969 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2016/12/15 12:0 a.m. | 24 views

Scientific Linux Security Update : krb5 on SL7.x x86_64 (20161103)

The following packages have been upgraded to a newer upstream version: krb5 1.14.1. Security Fixes : - A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereferen...

6.5 CVSS | 6.3 AI score | 0.39969 EPSS
Exploits 0 | References 3
OSV
added 2016/04/18 7:17 a.m. | 5 views

SUSE-SU-2016:1088-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to use...

5.3 CVSS | 5.3 AI score | 0.39969 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2016/04/13 12:0 a.m. | 26 views

SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2016:0994-1)

This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to us...

5.3 CVSS | 6.3 AI score | 0.39969 EPSS
Exploits 0 | References 4
OSV
added 2016/04/08 1:36 p.m. | 4 views

SUSE-SU-2016:0994-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a null pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to use...

5.3 CVSS | 5.3 AI score | 0.39969 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2016/04/05 12:0 a.m. | 27 views

openSUSE Security Update : krb5 (openSUSE-2016-424)

This update for krb5 fixes the following security issue : - CVE-2016-3119: An authenticated attacker with permission to modify a principal entry could have caused kadmind to dereference a NULL pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to us...

5.3 CVSS | 6.3 AI score | 0.39969 EPSS
Exploits 0 | References 1
CNVD
added 2016/03/28 12:0 a.m. | 3 views

MIT Kerberos 5 kadmind LDAP KDB Module Denial of Service Vulnerability

MIT Kerberos 5 also known as krb5 is a network authentication protocol developed by the Massachusetts Institute of Technology MIT in the United States, which adopts a client/server structure, and both the client and the server side can authenticate each other i.e., double authentication, which...

5.3 CVSS | 6.3 AI score | 0.39969 EPSS
Exploits 0 | References 1
OSV
added 2016/03/26 1:59 a.m. | 26 views

CVE-2016-3119

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3 CVSS | 6.4 AI score
Exploits 0 | References 7
NVD
added 2016/03/26 1:59 a.m. | 18 views

CVE-2016-3119

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3 CVSS | 5 AI score | 0.39969 EPSS
Exploits 0 | References 7
UbuntuCve
added 2016/03/26 1:59 a.m. | 27 views

CVE-2016-3119

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

5.3 CVSS | 6.5 AI score | 0.39969 EPSS
Exploits 0 | References 1