15 matches found
EUVD-2002-1210
Malware in sbrugna...
EUVD-2002-1209
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Cloudera Manager 5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Template Name field when renaming a template; (2) KDC Server host, (3) Kerberos Security Realm, (4) Kerberos Encryption Types, (5) Advanced...
MIT Kerberos 5 KDC prep_reprocess_req NULL Pointer Dereference (CVE-2013-1416)
A denial-of-service vulnerability exists in MIT Kerberos 5 KDC server...
MIT Kerberos 5 KDC pkinit_check_kdc_pkid NULL Pointer Dereference (CVE-2013-1415)
A denial-of-service vulnerability has been reported in the MIT Kerberos 5 KDC server. The vulnerability is due to a free of a NULL pointer in the pkinit_check_kdc_pkid function while processing malformed requests. A remote unauthenticated attacker can exploit this vulnerability by sending specially...
MIT Kerberos KDC LDAP Back Null Pointer Dereference Denial of Service (CVE-2011-1527)
A denial of service vulnerability has been reported in the MIT Kerberos KDC server...
MIT Kerberos KDC Ticket Validation Double Free Memory Corruption (CVE-2010-1320)
Kerberos is a protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. MIT Kerberos V5 is an implementation of this protocol. A memory corruption vulnerability exists in the MIT Kerberos KDC server. The...
Ubuntu 4.10 / 5.04 : krb4, krb5 vulnerabilities (USN-224-1)
Gael Delalleau discovered a buffer overflow in the env_opt_add function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. (CVE-2005-0468) Gael...
USN-224-1: Kerberos vulnerabilities
Gaël Delalleau discovered a buffer overflow in the env_opt_add function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. (CVE-2005-0468) Gaël...
MIT Kerberos 5 ASN.1 decoding functions insecurely deallocate memory (double-free)
Overview: The MIT Kerberos 5 library does not securely deallocate heap memory when decoding ASN.1 structures, resulting in double-free vulnerabilities. An unauthenticated, remote attacker could execute arbitrary code on a KDC server, which could compromise an entire Kerberos realm. An attacker may...
CVE-2002-1226
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)...
CVE-2002-1226
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)...
DEBIAN-CVE-2002-1225
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access...
CVE-2002-1226
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)...
CVE-2002-1226
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)...