Lucene search
K

871 matches found

osv
osv
added 2007/09/06 10:17 p.m.2 views

DEBIAN-CVE-2007-4743

The original patch for CVE-2007-3999 in svcauthgss.c in the RPCSECGSS RPC library in MIT Kerberos 5 krb5 1.4 through 1.6.2, as used by the Kerberos administration daemon kadmind and other applications that use krb5, does not correctly check the buffer length in some environments and architectures...

10CVSS8.9AI score0.04615EPSS
Exploits0References1
osv
osv
added 2007/09/05 10:17 a.m.1 views

DEBIAN-CVE-2007-3999

Stack-based buffer overflow in the svcauthgssvalidate function in lib/rpc/svcauthgss.c in the RPCSECGSS RPC library librpcsecgss in MIT Kerberos 5 krb5 1.4 through 1.6.2, as used by the Kerberos administration daemon kadmind and some third-party applications that use krb5, allows remote attackers...

10CVSS8.9AI score0.10997EPSS
Exploits4References1
redhat
redhat
added 2007/09/04 6:13 p.m.7 views

krb5 RPC library buffer overflow

Stack-based buffer overflow in the svcauthgssvalidate function in lib/rpc/svcauthgss.c in the RPCSECGSS RPC library librpcsecgss in MIT Kerberos 5 krb5 1.4 through 1.6.2, as used by the Kerberos administration daemon kadmind and some third-party applications that use krb5, allows remote attackers...

10CVSS7.8AI score0.10997EPSS
Exploits4References4
nessus
nessus
added 2007/04/10 12:0 a.m.38 views

Debian DSA-1276-1 : krb5 - several vulnerabilities

Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0956 It...

10CVSS9AI score0.29842EPSS
Exploits2References7
osv
osv
added 2007/04/06 1:19 a.m.1 views

DEBIAN-CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

9CVSS8.4AI score0.09878EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2007/04/06 1:19 a.m.29 views

CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

9CVSS7.5AI score0.09878EPSS
Exploits0References2
nvd
nvd
added 2007/04/06 1:19 a.m.19 views

CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

9CVSS7.3AI score0.09878EPSS
Exploits0References35
prion
prion
added 2007/04/06 1:19 a.m.22 views

Double free

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

9CVSS7.3AI score0.09878EPSS
Exploits0References35Affected Software3
osv
osv
added 2007/04/06 1:19 a.m.14 views

CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

7.2AI score
Exploits0References41
cvelist
cvelist
added 2007/04/06 1:0 a.m.29 views

CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

9.3AI score0.09878EPSS
Exploits0References35
cve
cve
added 2007/04/06 1:0 a.m.102 views

CVE-2007-1216

CVE-2007-1216 is a double-free vulnerability in the MIT Kerberos 5 GSS-API library (libgssapi/krb5/k5unseal.c) used by kadmind, exploitable when the RPCSEC_GSS authentication method is involved. It affects MIT krb5 prior to version 1.6.1, enabling remote authenticated users to execute arbitrary c...

9CVSS9.3AI score0.09878EPSS
Exploits0References35Affected Software1
debiancve
debiancve
added 2007/04/06 1:0 a.m.24 views

CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

9CVSS7.3AI score0.09878EPSS
Exploits0
ubuntu
ubuntu
added 2007/04/04 1:34 a.m.66 views

USN-449-1: krb5 vulnerabilities

The krb5 telnet service did not appropriately verify user names. A remote attacker could log in as the root user by requesting a specially crafted user name. CVE-2007-0956 The krb5 syslog library did not correctly verify the size of log messages. A remote attacker could send a specially crafted...

10CVSS8.6AI score0.29842EPSS
Exploits2
securityvulns
securityvulns
added 2007/04/04 12:0 a.m.58 views

MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MIT krb5 Security Advisory 2007-003 Original release: 2007-04-03 Last update: 2007-04-03 Topic: double-free vulnerability in kadmind via GSS-API library Severity: CRITICAL CVE: CVE-2007-1216 CERT: VU419344 SUMMARY ======= The MIT krb5 Kerberos...

8.5CVSS9.6AI score0.09878EPSS
Exploits0
securityvulns
securityvulns
added 2007/04/04 12:0 a.m.50 views

US-CERT Technical Cyber Security Alert TA07-093B -- MIT Kerberos Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-093B MIT Kerberos Vulnerabilities Original release date: April 03, 2007 Last revised: -- Source: US-CERT Systems Affected MIT Kerberos Other products based on the GSS-API or the RPC...

1AI score
Exploits0
cert
cert
added 2007/04/03 12:0 a.m.42 views

MIT Kerberos 5 GSS-API library double-free vulnerability

Overview The GSS-API library provided with MIT krb5 contains a vulnerability that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability in the way the GSS-API library provided with MIT krb5 handles messages with an invalid...

9CVSS9.4AI score0.09878EPSS
Exploits0References8
nessus
nessus
added 2007/02/18 12:0 a.m.32 views

SUSE-SA:2007:004: krb5

The remote host is missing the patch for the advisory SUSE-SA:2007:004 krb5. Various bugs in the Kerberos5 libraries and tools were fixed which could be used by remote attackers to crash and potentially execute code in kadmind. - CVE-2006-6144 / MITKRB5-SA-2006-002: the RPC library could call an...

9.3CVSS8.1AI score0.07926EPSS
Exploits0
cve
cve
added 2007/01/10 12:0 a.m.75 views

CVE-2006-6144

CVE-2006-6144 concerns the GSS-API mechglue in MIT Kerberos 5. The vulnerability affects Kerberos 5 implementations using the mechglue abstraction (Kerberos 5 up to 1.5.1, as used by kadmind and other products that rely on the GSS-API library). The issue is that a remote attacker can trigger a de...

5CVSS9.1AI score0.05216EPSS
Exploits0References22Affected Software1
debiancve
debiancve
added 2007/01/10 12:0 a.m.36 views

CVE-2006-6144

The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon kadmind and other products that use this library, allows remote attackers to cause a denial of service crash via unspecified vectors that cause mechglue to free...

5CVSS6.3AI score0.05216EPSS
Exploits0
securityvulns
securityvulns
added 2007/01/09 12:0 a.m.55 views

GSS-API library / MIT Kerberos kadmind (uninitialized pointer free)

free of unallocated memory pointer in mechglue GSS API layer...

5CVSS3.7AI score0.05216EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder