33 matches found
CVE-2001-0554
CVE-2001-0554 affects netkit-telnetd (Telnet daemon) on BSD-based systems, via a buffer overflow in in.telnetd/telrcv handling (triggered by certain Telnet options such as AYT). OpenVAS entries describe a remote attacker potentially causing denial of service or gaining remote code execution; at l...
CVE-2018-20217
CVE-2018-20217 affects MIT Kerberos 5 (krb5) KDC prior to patch level; a reachable assertion can be triggered in the KDC if an attacker obtains a krbtgt ticket with an old encryption type (DES/RC4) and issues an S4U2Self request, potentially crashing the KDC. Public advisories note the vulnerabil...
CVE-2014-4342
CVE-2014-4342 affects MIT Kerberos 5 (krb5) 1.7.x through 1.12.x before 1.12.2. The vulnerability arises in GSSAPI session handling: remote injection of invalid tokens can trigger a buffer over-read or NULL pointer dereference, causing the targeted application to crash (DoS). Affected records in ...
CVE-2017-11368
MIT Kerberos krb5 (krb5kdc) is affected by CVE-2017-11368: an authenticated attacker can cause a KDC assertion failure (denial of service) by sending invalid S4U2Self or S4U2Proxy requests. The issue is documented across multiple advisories (Arch, CentOS/Red Hat, and ALAS) with remediation involv...
CVE-2010-1323
CVE-2010-1323 concerns MIT Kerberos 5 (krb5) with vulnerable checksums in versions 1.3.x–1.8.3. The issue may allow remote attackers to modify user-visible prompt text, alter KDC responses, or forge a KRB-SAFE message when checksums are unkeyed or RC4-based. Connected documents indicate affected ...
CVE-2009-0844
The CVE entry CVE-2009-0844 (and related CVEs 2009-0845, 2009-0846, 2009-0847) concerns MIT Kerberos 5 (krb5) SPNEGO. The get_input_token function in the SPNEGO implementation (krb5 1.5–1.6.3) allows remote attackers to trigger a buffer over-read via a crafted length value, enabling denial of ser...
CVE-2018-5710
MIT Kerberos 5 (krb5) up to 1.16 is affected by CVE-2018-5710 (along with CVE-2018-5729, CVE-2018-5730). The issue is in KDC’s plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c where a NULL string is passed to strlen, enabling a remote authenticated user to cause a denial of service via a modified k...
CVE-2018-5709
Technical details for CVE-2018-5709 are not provided in the connected documents; the available information comes only from the Initial Description.
CVE-2009-0845
Summary of CVE-2009-0845 details from provided sources : The SPNEGO implementation in MIT Kerberos 5 (krb5) up to version 1.6.3 is affected. Specifically, in spnego_mech.c, the spnego_gss_accept_sec_context path can be triggered when SPNEGO is used with invalid ContextFlags data in a negTokenInit...
CVE-2009-4212
CVE-2009-4212 affects MIT Kerberos 5 (krb5) crypto library, impacting the AES and RC4 decryption paths. Versions 1.3–1.6.3 and 1.7 before 1.7.1 are vulnerable to multiple integer underflows when processing ciphertext that is too short to be valid. This can cause a daemon crash (DoS) and, in some ...
CVE-2009-0847
CVE-2009-0847 affects MIT Kerberos 5 (krb5) SPNEGO/GSS-API and the ASN.1 decoder. The OVMSA-2009-0003 advisory documents that 1.5–1.6.3 krb5 releases are vulnerable to crafted DER/length values, enabling remote attackers to crash daemons (and potentially execute code) due to length validation and...
CVE-2013-6800
CVE-2013-6800 affects MIT Kerberos v5 (krb5) 1.10.x when the KDC serves multiple realms. The vulnerability is a NULL pointer dereference in setup_server_realm() that can be triggered by a crafted request, causing a DoS/daemon crash by remote authenticated users. Public notices in Debian (DLA-1265...
CVE-2004-0523
CVE-2004-0523 relates to MIT Kerberos 5 (krb5) 1.3.3 and earlier, where multiple buffer overflows in krb5_aname_to_localname allow a remote attacker to execute arbitrary code as root. Public details describe the vulnerability, its impact, and vendor responses. Affected products include MIT Kerber...
CVE-2003-0139
The connected Debian advisory (DSA-266-1) confirms CVE-2003-0139 concerns MIT Kerberos 4 (krb4) weaknesses in the krb5 distribution. Specifically, when using triple-DES keys to protect krb4 services, an attacker can craft krb4 tickets for unauthorized principals via a cut-and-paste/ticket-splicin...
CVE-1999-0143
Technical details (affected software/versions, root cause, impact) are not publicly provided in the connected documents; monitor for updates.
CVE-2003-0138
CVE-2003-0138 affects Version 4 of the Kerberos protocol (krb4) as used in Heimdal and related packages. The vulnerability enables an attacker to impersonate any principal in a realm via a chosen-plaintext attack, exposing authentication to impersonation within that realm. The provided documents ...
CVE-2010-0283
CVE-2010-0283 affects MIT Kerberos 5 (krb5) in versions: 1.7 prior to 1.7.2 and 1.8 alpha. A remote attacker can trigger an assertion failure by sending invalid AS-REQ or TGS-REQ requests, causing a denial of service (daemon crash). Public sources in the OpenVAS/Gentoo/Ubuntu disclosures corrobor...
CVE-2014-5354
MIT Kerberos 5 (krb5) 1.12.x and 1.13.x before 1.13.1 is vulnerable when the KDC uses LDAP: ldap_principal2.c can NULL-deref if a keyless principal is added (e.g., kadmin -nokey), leading to a denial of service via daemon crash. The vulnerability requires authentication and arises from specific L...
CVE-2003-0072
CVE-2003-0072 describes a remote, authenticated denial-of-service in the Kerberos 5 Key Distribution Center (KDC) for krb5 1.2.7 and earlier. A specific protocol request can trigger an out-of-bounds read of an array, crashing KDCs within the same realm. Connected advisories reference this CVE amo...
CVE-2011-0281
CVE-2011-0281 affects MIT Kerberos 5 (krb5) in the KDC LDAP backend, where the unparse logic can be triggered by a principal name containing a backslash escape sequence (demonstrated by a \n), causing remote denial of service via file descriptor exhaustion and daemon hang. Affected versions span ...
CVE-2011-0282
CVE-2011-0282 affects MIT Kerberos 5 KDC (krb5) when using an LDAP backend, with versions 1.6.x through 1.9. The vulnerability allows remote, unauthenticated attackers to cause a denial of service via a crafted principal name, triggering a NULL pointer dereference or a buffer over-read that can c...
CVE-2000-0546
The CVE-2000-0546 entry concerns the Kerberos 4 KDC. The vulnerability is a buffer overflow in the KDC’s set_tgtkey function triggered by the lastrealm variable, leading to remote denial of service. Affected component: Kerberos 4 KDC (set_tgtkey). Impact is described as denial of service via netw...
CVE-2000-0548
CVE-2000-0548 describes a buffer overflow in the Kerberos 4 KDC program triggered by the e_msg variable in the kerb_err_reply function. This allows remote attackers to cause a Denial of Service over the network. The NVD entry lists network attack vector, low complexity, and no authentication requ...
CVE-2003-0082
The CVE-2003-0082 issue affects the KDC in Kerberos 5 (krb5) 1.2.7 and earlier. A remote, authenticated attacker can trigger a protocol request that causes the KDC to corrupt its heap (buffer underrun), leading to a denial of service (KDC crash) within the same realm. The connected advisories con...
CVE-2000-0390
CVE-2000-0390 describes a buffer overflow in the krb425_conv_principal function of Kerberos 5. The vulnerability allows remote attackers to gain root privileges via the affected Kerberos 5 component. Documents identify the root cause as a buffer overflow in the krb425_conv_principal routine, with...
CVE-2000-0389
CVE-2000-0389 describes a buffer overflow in the krb_rd_req function used by Kerberos 4 and Kerberos 5, enabling remote attackers to gain root privileges. The vulnerability is evidenced across multiple feeds (NVD, CVE List, Nessus plugin) and linked advisories (CERT CA-2000-06, Bugtraq/archives)....
CVE-2000-0392
CVE-2000-0392 : Buffer overflow in the Kerberos 5 ksu utility allows local users to gain root privileges. Documented by NVD/CVE records and CERT advisory CA-2000-06, with historical vendor references (e.g., RHSA-2000-025). Some sources (SNYK) note no fixed version for kerb5; others provide vendor...
CVE-2000-0549
CVE-2000-0549 affects Kerberos 4 KDC by not properly checking for null termination in AUTH_MSG_KDC_REQUEST, enabling remote attackers to cause denial of service via a malformed request. The available sources describe the issue as a null-termination handling flaw in the KDC protocol message proces...
CVE-2000-0391
CVE-2000-0391 describes a buffer overflow in krshd of Kerberos 5, allowing remote attackers to gain root privileges. The vulnerability affects krb5’s krshd component and is described with a high impact (remote code execution with root privileges). Exploitation details are not provided in the docu...
CVE-2000-0547
Technical details (affected software, root cause, patch) are not provided in the supplied documents; monitor for updates.
CVE-2000-0550
CVE-2000-0550 concerns Kerberos 4 KDC memory handling. The vulnerability is a double-free of memory in the Kerberos 4 KDC, enabling a remote attacker to cause a denial of service . The affected component is the Kerberos 4 KDC program; root cause is improper memory deallocation leading to potentia...
CVE-1999-1321
The CVE-1999-1321 entry concerns the SSH 1.2.26 client with Kerberos V enabled. A buffer overflow in handling a long DNS hostname during TGT ticket passing could allow remote attackers to cause a denial of service or execute arbitrary commands. The vulnerability details are drawn from the NVD/CVE...
CVE-2001-0417
The CVE-2001-0417 entry concerns Kerberos 4 (krb4) where local users can overwrite arbitrary files via a symlink attack on new ticket files. The connected records corroborate a local-privilege impact vector with a partial integrity impact, and a low overall CVSS score (2.1/10, AV:L/AC:L/Au:N/I:P/...