Filtered by vendor Mit
Subscriptions
Filtered by product Kerberos 5
Subscriptions
Total
138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0845 | 2 Mit, Redhat | 3 Kerberos, Kerberos 5, Enterprise Linux | 2025-04-09 | N/A |
| The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token. | ||||
| CVE-2007-0957 | 4 Canonical, Debian, Mit and 1 more | 4 Ubuntu Linux, Debian Linux, Kerberos 5 and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers. | ||||
| CVE-2008-0948 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-09 | N/A |
| Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors. | ||||
| CVE-2007-0956 | 4 Canonical, Debian, Mit and 1 more | 4 Ubuntu Linux, Debian Linux, Kerberos 5 and 1 more | 2025-04-09 | N/A |
| The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882. | ||||
| CVE-2009-3295 | 1 Mit | 1 Kerberos 5 | 2025-04-09 | N/A |
| The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request. | ||||
| CVE-2007-5901 | 3 Apple, Mit, Redhat | 4 Mac Os X, Mac Os X Server, Kerberos 5 and 1 more | 2025-04-09 | N/A |
| Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. | ||||
| CVE-2007-3149 | 2 Mit, Todd Miller | 2 Kerberos 5, Sudo | 2025-04-09 | N/A |
| sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE: another researcher disputes this vulnerability, stating that the attacker must be "a user, who can already log into your system, and can already use sudo." | ||||
| CVE-2007-2798 | 4 Canonical, Debian, Mit and 1 more | 4 Ubuntu Linux, Debian Linux, Kerberos 5 and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal. | ||||
| CVE-2007-5971 | 3 Apple, Mit, Redhat | 4 Mac Os X, Mac Os X Server, Kerberos 5 and 1 more | 2025-04-09 | N/A |
| Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. | ||||
| CVE-2007-4743 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-09 | N/A |
| The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack. | ||||
| CVE-2007-3999 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-09 | N/A |
| Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message. | ||||
| CVE-2000-0390 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2025-04-03 | N/A |
| Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | ||||
| CVE-2002-0036 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | ||||
| CVE-2002-1235 | 4 Debian, Kth, Mit and 1 more | 6 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 3 more | 2025-04-03 | N/A |
| The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2003-0058 | 3 Mit, Redhat, Sun | 6 Kerberos 5, Enterprise Linux, Linux and 3 more | 2025-04-03 | N/A |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | ||||
| CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | N/A |
| Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | ||||
| CVE-2004-0642 | 3 Debian, Mit, Redhat | 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0644 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. | ||||
| CVE-2004-1189 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow. | ||||