31 matches found
krb5: integer overflow vulnerabilities in PAC parsing
A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service t...
USN-4530-1 debian-lan-config vulnerabilities
Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation. CVE-2019-3467...
Debian DLA-2041-1 : debian-edu-config security update
It was discovered that debian-edu-config, the package containing the configuration files and scripts for Debian Edu Skolelinux, contained an insecure configuration for kadmin, the Kerberos administration server. The insecure configuration allowed every user to change other users' passwords, thus...
Privilege Escalation
Kerberos is vulnerable to privilege escalation. The MIT Kerberos administration server kadmind incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal such as "kad/x" could use...
krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)
It was found that the MIT Kerberos administration server kadmind incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal such as "kad/x" could use this flaw to impersonate any user t...
Moderate: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available fo...
krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)
A buffer overflow was found in the KADM5 administration server kadmind when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind...
RedHat Update for krb5 RHSA-2011:0447-01
Check for the Version of krb5. OpenVAS Vulnerability Test: RedHat Update for krb5 RHSA-2011:0447-01. Authors: System Generated Check. Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the terms o...
CentOS Update for krb5-devel CESA-2010:0343 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
RHEL 5 : krb5 (RHSA-2010:0343)
Updated krb5 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
openSUSE Security Update : krb5 (krb5-2188)
MITKRB5-SA-2010-002: an unauthenticated remote attacker could cause a GSS-API application, including the Kerberos administration daemon (kadmind), to crash. CVE-2010-0628 has been assigned to this issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
krb5 -- multiple denial of service vulnerabilities
Two vulnerabilities in krb5 can be used by remote attackers in denial of service attacks. The MIT security advisories report this as follows: An unauthenticated remote attacker can send an invalid request to a KDC process that will cause it to crash due to an assertion failure, creating a denial ...
CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy"...
CVE-2007-1216
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code...
CVE-2007-0957
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via...
DEBIAN-CVE-2007-0957
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via...