Kerberos 5 Security Vulnerabilities and Issues — Kerberos 5 CVE List

Lucene search

MitKerberos 5

5 matches found

CVE•added 2005/07/18 4:0 a.m.•131 views

CVE-2005-1174

MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.

5CVSS9AI score0.40925EPSS

CVE•added 2005/02/09 5:0 a.m.•64 views

CVE-2004-0971

The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.9AI score0.00108EPSS

CVE•added 2005/07/18 4:0 a.m.•62 views

CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.

7.5CVSS9.8AI score0.45397EPSS

CVE•added 2005/07/18 4:0 a.m.•60 views

CVE-2005-1689

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.

9.8CVSS9.7AI score0.55203EPSS

CVE•added 2005/06/14 4:0 a.m.•57 views

CVE-2005-0488

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

5CVSS9.2AI score0.10248EPSS