EIP-2026-103960

PRE-CVE

Kerberos 4 4.0/5 5.0 - KDC Spoofing

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103960. PoCs published by Dug Song.

AI-analyzed exploit summary This is a technical writeup describing a vulnerability in Kerberos authentication where the login service fails to verify the KDC's authenticity if the service is not registered as a principal or lacks a secret key. An attacker can spoof KDC responses to illicitly log into the server.

Description

Kerberos 4 4.0/5 5.0 - KDC Spoofing

Exploits (1)

exploitdb WRITEUP VERIFIED

by Dug Song · textremotemultiple

https://www.exploit-db.com/exploits/20181

View Code ZIP pw:eip

This is a technical writeup describing a vulnerability in Kerberos authentication where the login service fails to verify the KDC's authenticity if the service is not registered as a principal or lacks a secret key. An attacker can spoof KDC responses to illicitly log into the server.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Theoretical

Target: Kerberos (unspecified version)

No auth needed

Prerequisites: Service not registered as a principal with the KDC · Service's secret key not installed on the host · Ability to spoof KDC responses

MITRE ATT&CK

T1556.003 - Pluggable Authentication Modules

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026