Lucene search
K

10 matches found

OSV
OSV
added 2023/08/07 7:15 p.m.6 views

UBUNTU-CVE-2023-36054

lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 aka krb5 before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because xdrkadm5principalentrec does not validate the relationship between nkeydata and the keydata array...

6.5CVSS7AI score0.02107EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/11/03 8:10 a.m.16 views

krb5: null pointer dereference in kadmin

A NULL pointer dereference flaw was found in MIT Kerberos kadmind service. An authenticated attacker with permission to modify a principal entry could use this flaw to cause kadmind to dereference a null pointer and crash by supplying an empty DB argument to the modifyprincipal command, if kadmin...

5.3CVSS7.2AI score0.39969EPSS
Exploits0References4
CNVD
CNVD
added 2016/02/18 12:0 a.m.3 views

MIT Kerberos 5 kadmind memory leak vulnerability

MIT Kerberos 5 also known as krb5 is the United States Massachusetts Institute of Technology MIT developed a set of network authentication protocols, which uses a client/server structure, and the client and server side can be authenticated to each other i.e., double authentication to prevent...

6.5CVSS7.7AI score0.04643EPSS
Exploits0References1
OSV
OSV
added 2016/02/13 2:59 a.m.1 views

DEBIAN-CVE-2015-8631

Multiple memory leaks in kadmin/server/serverstubs.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service memory consumption via a request specifying a NULL principal name...

6.5CVSS6.8AI score0.04643EPSS
Exploits0References1
OSV
OSV
added 2016/02/13 2:59 a.m.3 views

ALPINE-CVE-2015-8630

The 1 kadm5createprincipal3 and 2 kadm5modifyprincipal functions in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash b...

7.5CVSS6.6AI score0.04291EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/05 12:0 a.m.2 views

MIT krb5 kadmind remote code execution vulnerability

MIT krb5 also known as MIT Kerberos 5 is a set of network authentication protocols developed by the Massachusetts Institute of Technology MIT in the U.S. It adopts a client/server structure, and both the client and server side can authenticate each other i.e., double authentication, which prevent...

9CVSS8.4AI score0.06213EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/09/17 10:48 a.m.3 views

krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)

A buffer overflow was found in the KADM5 administration server kadmind when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind...

8.5CVSS7.2AI score0.08085EPSS
Exploits0References5
Snyk
Snyk
added 2011/04/15 12:55 a.m.2 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation. The processchpwrequest function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 aka krb5 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute...

10CVSS7.9AI score0.17945EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/04/09 12:0 a.m.40 views

Ubuntu Update for krb5 vulnerabilities USN-924-1

Ubuntu Update for Linux kernel vulnerabilities USN-924-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9241.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for krb5 vulnerabilities USN-924-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

10CVSS0.1AI score0.05914EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2010/04/06 11:7 p.m.33 views

krb5: kadmind use-after-free remote crash (MITKRB5-SA-2010-003)

Use-after-free vulnerability in kadmin/server/serverstubs.c in kadmind in MIT Kerberos 5 aka krb5 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service daemon crash via a request from a kadmin client that sends an invalid API version number...

6.5CVSS6.5AI score0.05469EPSS
Exploits1References4
Rows per page
Query Builder