Python · Python-Kerberos · CVE-2015-3206
**Name of the Vulnerable Software and Affected Versions**
python-kerberos (affected versions not specified)
**Description**
The `checkPassword` function in python-kerberos does not authenticate the KDC it attempts to communicate with. A remote attacker who performs a man-in-the-middle attack can use this to cause a denial of service or have other unspecified impact.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.