48 matches found
CVE-1999-0143
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys...
EUVD-2001-0414
Malware in sbrugna...
EUVD-1999-1080
Malware in sbrugna...
EUVD-2000-0543
Malware in sbrugna...
EUVD-2000-0545
Malware in sbrugna...
EUVD-2000-0544
Malware in sbrugna...
EUVD-1999-1079
Malware in sbrugna...
EUVD-1999-0143
Malware in sbrugna...
KTH Kerberos 4 Arbitrary Proxy Usage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2090/info Kerberos is a widely used network service authentication system. The version of Kerberos developed and maintained by KTH Swedish Royal Institute of Technology contains a vulnerability that may allow/assist in a...
OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4560/info A buffer overflow condition exists in the OpenSSH server. The condition is exploitable by attackers with valid user credentials in versions 2.9.9 and higher. Exploitation does not require valid user credentials ...
Cygnus Network Security 4.0/KerbNet 5.0,MIT Kerberos 4/5,RedHat 6.2 Compatibility krb_rd_req() Buffer Overflow (1)
No description provided by source. source: http://www.securityfocus.com/bid/1220/info Several buffer overflow vulnerabilities exist in Kerberos 5 implmenetations due to buffer overflows in the Kerberos 4 compatability code. These include MIT Kerberos 5 releases 1.0.x, 1.1 and 1.1.1, MIT Kerberos ...
Cygnus Network Security 4.0/KerbNet 5.0,MIT Kerberos 4/5,RedHat 6.2 Compatibility krb_rd_req() Buffer Overflow (2)
No description provided by source. source: http://www.securityfocus.com/bid/1220/info Several buffer overflow vulnerabilities exist in Kerberos 5 implmenetations due to buffer overflows in the Kerberos 4 compatability code. These include MIT Kerberos 5 releases 1.0.x, 1.1 and 1.1.1, MIT Kerberos ...
FreeBSD : heimdal kadmind remote heap buffer overflow (446dbecb-9edc-11d8-9366-0020ed76ef5a)
An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data int...
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...
CVE-2008-0063
CVE-2008-0063 affects MIT Kerberos 5 (krb5kdc) where Kerberos v4 support leaves an unused buffer uncleared when generating error messages. This can allow remote attackers to read sensitive information from memory. Public advisories across multiple vendors (e.g., MiracleLinux AXSA-2008-345/AXSA-20...
OpenLDAP服务器Kerberos 4 Bind请求远程栈溢出漏洞
OpenLDAP是一款开放源代码的轻量级目录访问协议LDAP实现。 OpenLDAP在处理Kerberos Bind请求时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞在服务器上执行任意指令。 OpenLDAP代码的servers/slapd/kerberos.c文件中的krbv4ldapauth函数存在缓冲区溢出漏洞,该函数处理指定了LDAPAUTHKRBV41认证方式的LDAP...
GLSA-200405-23 : Heimdal: Kerberos 4 buffer overflow in kadmin
The remote host is affected by the vulnerability described in GLSA-200405-23 Heimdal: Kerberos 4 buffer overflow in kadmin A buffer overflow was discovered in kadmind, a server for administrative access to the Kerberos database. Impact : By sending a specially formatted message to kadmind, a remo...
CVE-2004-0434
k5admind kadmind for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow...