Lucene search
K

21 matches found

Rockylinux
Rockylinux
added 2026/05/28 3:43 p.m.19 views

krb5 security and bug fix update

An update is available for krb5. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...

8.8CVSS5.8AI score0.02107EPSS
Exploits0
OSV
OSV
added 2026/05/28 3:43 p.m.11 views

RLSA-2023:6699 Moderate: krb5 security and bug fix update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

8.8CVSS6.8AI score0.02107EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : krb5-1.21.1-1.el9 (AXSA:2023-6633:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6633:07 advisory. krb5: Denial of service through freeing uninitialized pointer CVE-2023-36054 krb5: double-free in KDC TGS processing CVE-2023-39975 Tenable has...

8.8CVSS7.1AI score0.02107EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: idm:DL1 (TSSA-2024:0307)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0307 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.6AI score0.02053EPSS
Exploits1References3
Metasploit
Metasploit
added 2025/05/16 6:51 p.m.393 views

Gather Ticket Granting Service (TGS) tickets for User Service Principal Names (SPN)

This module will try to find Service Principal Names that are associated with normal user accounts. Since normal accounts' passwords tend to be shorter than machine accounts, and knowing that a TGS request will encrypt the ticket with the account the SPN is running under, this could be used for a...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/07 8:49 a.m.27 views

krb5: double-free in KDC TGS processing

A vulnerability was found in MIT krb5, where an authenticated attacker can cause a KDC to free the same pointer twice if it can induce a failure in authorization data handling...

8.8CVSS7.1AI score0.01229EPSS
Exploits0References5
Metasploit
Metasploit
added 2023/01/27 7:49 p.m.340 views

Kerberos TGT/TGS Ticket Requester

This module requests TGT/TGS Kerberos tickets from the KDC Module Options msf use auxiliary/admin/kerberos/getticket msf auxiliarygetticket show actions ...actions... msf auxiliarygetticket set ACTION msf auxiliarygetticket show options ...show and set options... msf auxiliarygetticket run This...

5.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/11/23 5:24 p.m.3 views

krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

A flaw was found in krb5. The Key Distribution Center KDC in MIT Kerberos 5 has a NULL pointer dereference via a FAST inner body that lacks a server field. An authenticated attacker could use this flaw to crash the Kerberos KDC server. The highest threat from this vulnerability is to system...

6.5CVSS6.8AI score0.02166EPSS
Exploits0References4
OSV
OSV
added 2021/10/12 6:15 p.m.15 views

AZL-37004 CVE-2021-3671 affecting package samba for versions less than 4.18.3-1

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ Ticket Granting Server - Request. An authenticated user could use this flaw to crash the samba server...

6.5CVSS6.5AI score0.02025EPSS
Exploits0References1
OSV
OSV
added 2021/10/12 6:15 p.m.4 views

UBUNTU-CVE-2021-3671

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ Ticket Granting Server - Request. An authenticated user could use this flaw to crash the samba server...

6.5CVSS6.4AI score0.02025EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/12/16 3:21 p.m.3 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/24 5:54 a.m.3 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/16 1:39 p.m.2 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
OSV
OSV
added 2015/11/09 3:59 a.m.1 views

DEBIAN-CVE-2015-2697

The buildprincipalva function in lib/krb5/krb/bldprinc.c in MIT Kerberos 5 aka krb5 before 1.14 allows remote authenticated users to cause a denial of service out-of-bounds read and KDC crash via an initial '\0' character in a long realm field within a TGS request...

4CVSS7.8AI score0.04128EPSS
Exploits0References1
exploitpack
exploitpack
added 2015/01/08 11:32 a.m.12 views

Windows-Kerberos-MS14-068

Microsoft Windows Server contains a flaw related to the checksum in the Kerberos Key Distribution Center KDC component. The issue is triggered when the component fails to properly validate signatures. This may allow an authenticated remote attacker to use a forged Kerberos ticket signature to gai...

1AI score
Exploits0
OSV
OSV
added 2014/08/11 1:20 p.m.4 views

USN-2310-1 krb5 vulnerabilities

It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2012-1016 It was discovered that Kerberos incorrectly handled...

8.5CVSS7AI score0.08085EPSS
Exploits0References11
OSV
OSV
added 2013/04/19 11:44 a.m.2 views

DEBIAN-CVE-2013-1416

The prepreprocessreq function in dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a...

4CVSS6.6AI score0.02921EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/12/06 9:18 p.m.4 views

(krb5kdc): NULL pointer dereference in the TGS handling (MITKRB5-SA-2011-007)

The processtgsreq function in dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a crafted TGS request that triggers an error other than the...

6.8CVSS6.9AI score0.02473EPSS
Exploits0References5
OSV
OSV
added 2010/12/02 4:22 p.m.2 views

DEBIAN-CVE-2010-4021

The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."...

2.1CVSS6.4AI score0.02089EPSS
Exploits0References1
Snyk
Snyk
added 2010/12/02 4:22 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS. The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a clie...

3.1CVSS6.5AI score0.02089EPSS
Exploits0References3
Rows per page
Query Builder