Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MitKerberos 5

137 matches found

CVE
CVEadded 2010/03/25 10:30 p.m.54 views

CVE-2010-0628

The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that t...

5CVSS6.3AI score0.01037EPSS
CVE
CVEadded 2007/01/10 12:0 a.m.53 views

CVE-2006-6144

The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to fre...

5CVSS9.1AI score0.26457EPSS
CVE
CVEadded 2007/09/05 10:17 a.m.53 views

CVE-2007-4000

The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify poli...

8.5CVSS9.2AI score0.10426EPSS
CVE
CVEadded 2011/02/10 6:0 p.m.53 views

CVE-2011-0282

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.

5CVSS5.3AI score0.10466EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.52 views

CVE-2000-0392

Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.

7.2CVSS6.8AI score0.00114EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.52 views

CVE-2003-0059

Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.

7.5CVSS9.4AI score0.03221EPSS
CVE
CVEadded 2007/01/10 12:0 a.m.52 views

CVE-2006-6143

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possi...

9.3CVSS7.5AI score0.28213EPSS
CVE
CVEadded 2007/12/06 2:46 a.m.52 views

CVE-2007-5902

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

10CVSS6.5AI score0.04002EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.51 views

CVE-1999-0713

The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

7.2CVSS7AI score0.00038EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.51 views

CVE-2000-0548

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.

5CVSS7.2AI score0.03418EPSS
CVE
CVEadded 2011/04/15 12:55 a.m.51 views

CVE-2011-0285

The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that trigge...

10CVSS6AI score0.51658EPSS
CVE
CVEadded 2013/03/05 4:54 a.m.51 views

CVE-2012-1016

The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to ca...

5CVSS6.2AI score0.00643EPSS
CVE
CVEadded 2010/04/22 2:30 p.m.50 views

CVE-2010-1320

Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) ...

4CVSS6.9AI score0.14121EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.49 views

CVE-2000-0389

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

10CVSS7.3AI score0.11008EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.49 views

CVE-2000-0390

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

10CVSS7.6AI score0.08485EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.49 views

CVE-2003-0082

The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").

5CVSS9.1AI score0.02512EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.49 views

CVE-2004-1189

The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authen...

7.2CVSS9.6AI score0.00088EPSS
CVE
CVEadded 2007/12/06 2:46 a.m.49 views

CVE-2007-5901

Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code.

6.9CVSS7.7AI score0.0008EPSS
CVE
CVEadded 2008/03/19 12:44 a.m.49 views

CVE-2008-0947

Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.

10CVSS9.8AI score0.35264EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.48 views

CVE-2002-0036

Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.

5CVSS9.1AI score0.1901EPSS
CVE
CVEadded 2007/12/06 2:46 a.m.48 views

CVE-2007-5972

Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to sto...

9CVSS6.2AI score0.01689EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.47 views

CVE-2000-0514

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.

10CVSS7.2AI score0.00928EPSS
CVE
CVEadded 2007/12/06 2:46 a.m.47 views

CVE-2007-5971

Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.

6.9CVSS7.8AI score0.00051EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.46 views

CVE-2000-0391

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

10CVSS7.6AI score0.08485EPSS
CVE
CVEadded 2002/11/04 5:0 a.m.46 views

CVE-2002-1235

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, doe...

10CVSS7.7AI score0.32917EPSS
CVE
CVEadded 2007/09/06 10:17 p.m.46 views

CVE-2007-4743

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architec...

10CVSS8.4AI score0.29941EPSS
CVE
CVEadded 2007/12/06 2:46 a.m.46 views

CVE-2007-5894

The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the uninitial...

9.3CVSS9.1AI score0.02245EPSS
CVE
CVEadded 2011/03/20 2:0 a.m.46 views

CVE-2011-0284

Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via...

7.6CVSS6.3AI score0.24188EPSS
CVE
CVEadded 2012/06/07 7:55 p.m.45 views

CVE-2012-1012

server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the...

5.5CVSS6AI score0.00189EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.44 views

CVE-2000-0550

Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.

5CVSS7AI score0.03066EPSS
CVE
CVEadded 2011/02/10 6:0 p.m.44 views

CVE-2010-4022

The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process ...

5CVSS5AI score0.08652EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.43 views

CVE-2000-0549

Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.

5CVSS7AI score0.01332EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.43 views

CVE-2003-0058

MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

5CVSS8.7AI score0.19337EPSS
CVE
CVEadded 2001/06/27 4:0 a.m.42 views

CVE-2001-0417

Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.

2.1CVSS6.8AI score0.00112EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.40 views

CVE-2000-0547

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.

5CVSS7.2AI score0.02576EPSS
CVE
CVEadded 2003/02/19 5:0 a.m.38 views

CVE-2003-0060

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.

7.5CVSS9.9AI score0.09128EPSS
CVE
CVEadded 2001/09/12 4:0 a.m.32 views

CVE-1999-1296

Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.

7.2CVSS7.6AI score0.00063EPSS
Total number of security vulnerabilities137