33 matches found
EUVD-2001-0034
Malware in sbrugna...
EUVD-2001-0033
Malware in sbrugna...
EUVD-2001-0036
Malware in sbrugna...
EUVD-2002-0595
Malware in sbrugna...
EUVD-2001-0035
Malware in sbrugna...
KTH Kerberos 4 Arbitrary Proxy Usage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2090/info Kerberos is a widely used network service authentication system. The version of Kerberos developed and maintained by KTH Swedish Royal Institute of Technology contains a vulnerability that may allow/assist in a...
CVE-2001-1443
CVE-2001-1443 affects KTH Kerberos IV and Kerberos V (Heimdal) used by Telnet clients. The root cause is that the Telnet connection is not encrypted when the server does not support the requested encryption, enabling a man-in-the-middle to read communications. The NVD entry lists a CVSS v2 base s...
CVE-2002-1235
The kadmserin function in 1 the Kerberos v4compatibility administration daemon kadmind4 in the MIT Kerberos 5 krb5 krb5-1.2.6 and earlier, 2 kadmind in KTH Kerberos 4 eBones before 1.2.1, and 3 kadmind in KTH Kerberos 5 Heimdal before 0.5.1 when compiled with Kerberos 4 support, does not properly...
CVE-2002-1235
The kadmserin function in 1 the Kerberos v4compatibility administration daemon kadmind4 in the MIT Kerberos 5 krb5 krb5-1.2.6 and earlier, 2 kadmind in KTH Kerberos 4 eBones before 1.2.1, and 3 kadmind in KTH Kerberos 5 Heimdal before 0.5.1 when compiled with Kerberos 4 support, does not properly...
CVE-2002-1235
CVE-2002-1235 describes a buffer overflow in the kadm_ser_in path of Kerberos tooling across multiple implementations: MIT Kerberos 5 kadmind4 (krb5-1.2.6 and earlier), KTH Kerberos 4 kadmind (ebones) before 1.2.1, and Heimdal kadmind before 0.5.1 when built with Kerberos 4 support. The underlyin...
CVE-2002-1235
The kadmserin function in 1 the Kerberos v4compatibility administration daemon kadmind4 in the MIT Kerberos 5 krb5 krb5-1.2.6 and earlier, 2 kadmind in KTH Kerberos 4 eBones before 1.2.1, and 3 kadmind in KTH Kerberos 5 Heimdal before 0.5.1 when compiled with Kerberos 4 support, does not properly...
CVE-2002-0600
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive PASV mode request...
CVE-2002-0600
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive PASV mode request...
CVE-2002-0600
The CVE-2002-0600 entry concerns a heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1. An attacker-controlled long response to a PASV (passive) FTP command can cause a heap overflow, enabling remote code execution on the client. Impact per NVD is high (CVSSv2: base score 7.5) with network att...
KTH Kerberos Telnet implementations do not strictly enforce client encryption request
Overview A vulnerability exists in the KTH Kerberos IV and Kerberos V Heimdal Telnet implementations. When a KTH Kerberos Telnet client requests data encryption and the server does not appear to support it, the client will establish the connection using no encryption. A properly located attacker...
CVE-2001-1443
KTH Kerberos IV and Kerberos V Heimdal for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack...
CVE-2001-0033
CVE-2001-0033 affects KTH Kerberos IV. Local users can alter a Kerberos server’s configuration by supplying an alternate directory via the KRBCONFDIR environmental variable, enabling escalation of privileges. The description identifies the root cause as the ability to specify a custom configurati...
CVE-2001-0034
KTH Kerberos IV is affected by a local privilege issue where the krb4_proxy variable can be used to specify an alternate proxy, enabling a user to generate false proxy responses and potentially gain privileges. The vulnerability is local in scope, with impact described as complete confidentiality...
CVE-2001-0035
Buffer overflow in the kdcreplycipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long authentication request...
CVE-2001-0036
KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file...