6 matches found

added 2018/12/26 9:29 p.m., 308 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.

CVSS 5.3, AI score 5.3, EPSS 0.00883

added 2018/01/16 9:29 a.m., 90 views

CVE-2018-5710

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of s...

CVSS 6.5, AI score 5.1, EPSS 0.00563

added 2018/01/16 9:29 a.m., 87 views

CVE-2018-5709

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to af...

CVSS 7.5, AI score 7.4, EPSS 0.00463

added 2000/07/12 4:0 a.m., 54 views

CVE-2000-0546

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.

CVSS 5, AI score 7.2, EPSS 0.02576

added 2000/10/13 4:0 a.m., 51 views

CVE-2000-0548

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.

CVSS 5, AI score 7.2, EPSS 0.03418

added 2000/07/12 4:0 a.m., 40 views

CVE-2000-0547

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.

CVSS 5, AI score 7.2, EPSS 0.02576