Kerberos 5 Security Vulnerabilities and Issues — Kerberos 5 CVE List

Lucene search

MitKerberos 5

3 matches found

CVE•added 2017/11/23 5:29 p.m.•151 views

CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 ...

9.8CVSS9.8AI score0.0399EPSS

CVE•added 2017/08/09 6:29 p.m.•115 views

CVE-2017-11368

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

6.5CVSS6.4AI score0.00307EPSS

CVE•added 2017/09/13 4:29 p.m.•93 views

CVE-2017-11462

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.

9.8CVSS6.9AI score0.00642EPSS