漏洞描述
Kerberos中存在拒绝服务漏洞,该漏洞是由process_tgs_req()函数中的一个空指针解引用引起。函数中某些特殊的失败条件会导致helper函数返回成功值。
Kerberos Cross-Realm Referrals KDC空指针解引用拒绝服务漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2016-15041: MainWP Dashboard <= 3.1.2 - Stored Cross-Site Scripting
- POC CVE-2019-12935: Shopware < 5.5.8 - Cross-Site Scripting
- POC CVE-2024-29137: WordPress Tourfic Plugin <= 2.11.7 - Cross-Site Scripting
- POC CVE-2024-29792: Unlimited Elements for Elementor <= 1.5.93 - Cross Site Scripting
- POC CVE-2025-46549: YesWiki <= 4.5.1 - Cross-Site Scripting
- POC CVE-2025-46550: YesWiki < 4.5.4 - Cross-Site Scripting
- POC CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting
- POC CVE-2017-20192: Formidable Forms < 2.05.02 - Cross-Site Scripting
- POC CVE-2021-24213: GiveWP <= 2.9.7 - Cross-Site Scripting
- POC CVE-2021-24657: Limit Login Attempts WordPress - Stored Cross-site Scripting
- POC CVE-2021-24681: Duplicate Page WordPress - Stored Cross-Site Scripting
- POC CVE-2022-0765: WordPress Loco Translate < 2.6.1 - Cross-Site Scripting
- POC CVE-2022-0873: WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting