EUVD-2019-3750

Malware in sbrugna...

EUVD-2012-1054

Malware in sbrugna...

EUVD-2005-1984

Malware in sbrugna...

EUVD-2013-1453

Malware in sbrugna...

krb5 security update

1.21.1-8.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-9 - Do not block HMAC-MD4/5 in FIPS mode Resolves: RHEL-88704 - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88048 - Add PKINIT paChecksum2 from MS-PKCA v20230920 Resolves: RHEL-82647 1.21.1-7 -...

Fedora 41 : krb5 (2025-42a13f896e)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-42a13f896e advisory. Disallowing use of the arcfour-hmac-md5 encryption type for session keys Add support for the PKINIT paChecksum2 sequence, required for Active Directory...

krb5 security update

1.18.2-32.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-32 - Do not block HMAC-MD4/5 in FIPS mode Resolves: RHEL-86786 - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88049 - Add PKINIT paChecksum2 from MS-PKCA v20230920 Resolves: RHEL-82648...

Fedora 40 : krb5 (2025-61b9344baf)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-61b9344baf advisory. - Prevent overflow when calculating ulog block size CVE-2025-24528 - Support PKCS11 EC client certs in PKINIT - kdb5util: fix DB entry flags on modification ...

Azure Linux 3.0 Security Update: heimdal / samba (CVE-2022-41916)

The version of heimdal / samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41916 advisory. - Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerab...

Mageia: Security Advisory (MGASA-2024-0385)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : krb5 (2024-862f5c4156)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-862f5c4156 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute Marvin attack: Removal of the RSA method fo...

krb5 security update

1.18.2-30.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-30 - libkrad: implement support for Message-Authenticator CVE-2024-3596 Resolves: RHEL-50253 - Remove RSA protocol for PKINIT Resolves: RHEL-17616...

krb5 security update

1.15.1-55.0.3 - Length check when parsing GSS token encapsulation Orabug: 36927256 - Add a simple DER support header Orabug: 36927256 - Fix vulnerabilities in GSS message token handling Orabug: 36927256 1.15.1-55.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 1.15.1-55 -...

Active Directory Certificate Services (ADCS) Privilege Escalation (Certifried)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Active Directory Certificate Services ADCS privilege escalation Certifried', 'Description' = %q This module exploits a privilege escalation...

Mageia: Security Advisory (MGASA-2024-0253)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2024-2419

software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-1 CVE-ID: CVE-2021-44758 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: heimdal allowed attackers to cause null pointer dereferencing in the SPNEGO receiver via the preferredmechtype GSSCNOOID and a non-zero initialresponse value f...

Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2024-586)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-586 advisory. Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c. CVE-2024-26458 Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in...

krb5 bug fix update

An update is available for krb5. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...

ShadowSpray - A Tool To Spray Shadow Credentials Across An Entire Domain In Hopes Of Abusing Long Forgotten GenericWrite/GenericAll DACLs Over Other Objects In The Domain

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain. Why this tool In a lot of engagements I see in BloodHound that the group "Everyone" / "Authenticated Users" / "Domain Users" or some other...

AlmaLinux 9 : krb5 (ALSA-2023:2570)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2570 advisory. - Kerberos Security Feature Bypass Vulnerability CVE-2020-17049 Note that Nessus has not tested for this issue but has instead relied only on the application's...