4 matches found
PKINITtools - Tools For Kerberos PKINIT And Relaying To AD CS
This repository contains some utilities for playing with PKINIT and certificates. The tools are built on minikerberos and impacket. Accompanying blogpost with more context: https://dirkjanm.io/ntlm-relaying-to-ad-certificate-services/ Installation These tools are only compatible with Python 3.5+...
CVE-2013-1415
The pkinitcheckkdcpkid function in plugins/preauth/pkinit/pkinitcryptoopenssl.c in the PKINIT implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate,...
CVE-2011-0284
Double free vulnerability in the prepareerroras function in doasreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via an edat...
MITKRB5-SA-2011-003 [CVE-2011-0284] KDC double-free when PKINIT enabled
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-003 MIT krb5 Security Advisory 2011-003 Original release: 2011-03-15 Last update: 2011-03-15 Topic: KDC vulnerable to double-free when PKINIT enabled CVE-2011-0284 CVSSv2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2 Base...