漏洞描述
Kerberos中存在拒绝服务漏洞,该漏洞是由process_tgs_req()函数中的一个空指针解引用引起。函数中某些特殊的失败条件会导致helper函数返回成功值。
Kerberos Cross-Realm Referrals KDC空指针解引用拒绝服务漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-51990: XWiki – Stored Cross-Site Scripting (XSS)
- POC CVE-2024-50857: GestioIP - Reflected Cross-Site Scripting
- POC CVE-2024-28623: RiteCMS 3.0.0 - Cross-site Scripting
- POC CVE-2018-25031: Swagger UI < 3.38.0 - Cross-Site Scripting
- POC CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
- POC CVE-2025-24752: Essential Addons for Elementor < 6.0.15 - Cross-Site Scripting
- POC CVE-2025-25062: Backdrop CMS - Cross-Site Scripting
- POC CVE-2025-50738: Memos < 0.25.0 - Stored Cross-Site Scripting
- POC CVE-2025-8191: Swagger UI >=3.14.1 < 3.38.0 - DOM Based Cross-Site Scripting
- POC CVE-2002-1131: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
- POC CVE-2004-0519: SquirrelMail 1.4.x - Folder Name Cross-Site Scripting
- POC CVE-2005-4385: Cofax <=2.0RC3 - Cross-Site Scripting
- POC CVE-2006-1681: Cherokee HTTPD <=0.5 - Cross-Site Scripting