Filtered by vendor Mit
Subscriptions
Filtered by product Kerberos 5
Subscriptions
Total
137 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0389 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2025-04-03 | N/A |
| Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. | ||||
| CVE-2005-1689 | 4 Apple, Debian, Mit and 1 more | 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more | 2025-04-03 | 9.8 Critical |
| Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | ||||
| CVE-2005-1175 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request. | ||||
| CVE-2005-1174 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | ||||
| CVE-2004-0971 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | ||||
| CVE-2000-0514 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | N/A |
| GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges. | ||||
| CVE-2006-3083 | 3 Heimdal, Mit, Redhat | 3 Heimdal, Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion. | ||||
| CVE-2024-26462 | 3 Mit, Netapp, Redhat | 12 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 9 more | 2025-03-25 | 5.5 Medium |
| Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. | ||||
| CVE-2024-37370 | 2 Mit, Redhat | 8 Kerberos 5, Enterprise Linux, Rhel Aus and 5 more | 2025-03-13 | 7.5 High |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. | ||||
| CVE-2023-39975 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-11-21 | 8.8 High |
| kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. | ||||
| CVE-2023-36054 | 4 Debian, Mit, Netapp and 1 more | 8 Debian Linux, Kerberos 5, Active Iq Unified Manager and 5 more | 2024-11-21 | 6.5 Medium |
| lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. | ||||
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | 7.5 High |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | ||||
| CVE-2021-37750 | 6 Debian, Fedoraproject, Mit and 3 more | 6 Debian Linux, Fedora, Kerberos 5 and 3 more | 2024-11-21 | 6.5 Medium |
| The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. | ||||
| CVE-2021-36222 | 5 Debian, Mit, Netapp and 2 more | 8 Debian Linux, Kerberos 5, Active Iq Unified Manager and 5 more | 2024-11-21 | 7.5 High |
| ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. | ||||
| CVE-2019-14844 | 2 Fedoraproject, Mit | 2 Fedora, Kerberos 5 | 2024-11-21 | 7.5 High |
| A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. | ||||
| CVE-2017-7562 | 2 Mit, Redhat | 5 Kerberos 5, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | 6.5 Medium |
| An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances. | ||||