46 matches found
MiracleLinux 4 : krb5-1.10.3-10.AXS4.2 (AXSA:2013-413:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-413:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending...
EUVD-2011-1531
Malware in sbrugna...
UBUNTU-CVE-2024-3183
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
SUSE CVE-2023-39975
kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...
Debian: Security Advisory (DLA-340-1)
The remote host is missing an update for the Debian...
SUSE CVE-2010-1322
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive...
SUSE CVE-2013-1416
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a...
SUSE CVE-2015-2697
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request...
SUSE CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field...
AZL-7354 CVE-2021-3671 affecting package samba 4.12.5-7
A null pointer dereference was found in the way the Samba Kerberos server handled a missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the Samba server...
AZL-6608 CVE-2021-37750 affecting package krb5 for versions less than 1.19.3-1
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field...
Denial Of Service (DoS)
Kerberos is vulnerable to denial of service. A NULL pointer dereference occurs when certain Ticket-Granting Server (TGS) requests are processed. This allows a remote authenticated attacker to crash the process via a malicious TGS request...
MIT krb5 build_principal_va denial of service vulnerability
Kerberos is a widely used, super-strong encryption to authenticate client-side and server-side network protocols. MIT Kerberos 5 (krb5) versions prior to 1.14, the function build_principal_va in lib/krb5/krb/bld_princ.c, which handles the '\0' character at the start of a longer realm field within a TG...
CVE-2015-2697
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request...
Debian DSA-3395-1 : krb5 - security update
Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2015-2695 It was discovered that applications which call gss_inquire_context() on a partially-established SPNEGO context can...
Debian DLA-340-1 : krb5 security update
CVE-2015-2695 It was discovered that applications which call gss_inquire_context() on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash. CVE-2015-2697 It was discovered that the build_principal_va() function...
UBUNTU-CVE-2015-2697
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request...