17 matches found
MiracleLinux 9 : krb5-1.21.1-8.el9_6 (AXSA:2025-10565:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10565:05 advisory. krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions (CVE-2025-3576). Tenable has extracted the preceding descriptio...
RHEL 8 : krb5 (RHSA-2025:15004)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15004 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending password...
EUVD-2007-1552
Malware in sbrugna...
krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...
RockyLinux 8 : krb5 (RLSA-2025:8411)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:8411 advisory. krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions (CVE-2025-3576). Tenable has extracted the preceding description bloc...
RHEL 10 : krb5 (RHSA-2025:9418)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9418 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending password...
RHEL 9 : krb5 (RHSA-2025:9430)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9430 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords...
Moderate: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
CVE-2025-3576 Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...
July 9, 2024—KB5040434 (OS Build 14393.7159) - EXPIRED
July 9, 2024—KB5040434 OS Build 14393.7159 - EXPIRED. EXPIRATION NOTICE. IMPORTANT: As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 11/19/20 For...
subversion -- several vulnerabilities
Subversion Project reports: Using the Serf RA layer of Subversion for HTTPS uses the apr_fnmatch API to handle matching wildcards in certificate Common Names and Subject Alternate Names. However, apr_fnmatch is not designed for this purpose. Instead it is designed to behave like common shell...
Fedora 7 : mutt-1.5.14-4.fc7 (2007-0002)
This update fixes two security issues: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. (CVE-2007-1558) Buffer overflow in Mutt 1.4.2 might allow local users to execute...
Ubuntu Update for fetchmail vulnerabilities USN-520-1
Ubuntu Update for Linux kernel vulnerabilities USN-520-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5201.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for fetchmail vulnerabilities USN-520-1 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
Ubuntu 6.06 LTS / 6.10 / 7.04 : fetchmail vulnerabilities (USN-520-1)
Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. (CVE-2007-1558) Earl Chew discovered that fetchmail can b...
USN-520-1: fetchmail vulnerabilities
Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. (CVE-2007-1558) Earl Chew discovered that fetchmail can b...
CVE-2007-1558
CVE-2007-1558 describes a cryptographic weakness in APOP authentication that lowers MITM attack cost to recover passwords. Connected advisories show this affects multiple mail clients (e.g., Thunderbird/Icedove, Iceape, fetchmail) and related POP/APOP implementations. Debian DSA-1305-1 and CentOS...
claws-mail -- APOP vulnerability
CVE reports: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions...