vulnerability

FreeBSD: VID-2acdf364-9f8d-4aaf-8d1b-867fdfd771c6 (CVE-2015-3206): py-kerberos -- DoS and MitM vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Apr 10, 2023	Apr 14, 2023	Dec 10, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Apr 10, 2023

Added

Apr 14, 2023

Modified

Dec 10, 2025

Description

macosforgebot reports: The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack.

Solutions

freebsd-upgrade-package-py37-kerberosfreebsd-upgrade-package-py38-kerberosfreebsd-upgrade-package-py39-kerberosfreebsd-upgrade-package-py310-kerberosfreebsd-upgrade-package-py311-kerberos

References

CVE-2015-3206
https://attackerkb.com/topics/CVE-2015-3206
CWE-287

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today