Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kth kth kerberos 4 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2001-1444
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote malicious users to downgrade authentication and encryption mechanisms via a man-in-the-middle...
Kth Kth Kerberos 4
Kth Kth Kerberos 5
445
VMScore
CVE-2001-1443
KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote malicious users to read communications via a man-in-the-middle attack.
Kth Kth Kerberos 4
Kth Kth Kerberos 5
890
VMScore
CVE-2002-1235
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and previous versions, (2) kadmind in KTH Kerberos 4 (eBones) prior to 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) prior to 0.5.1 when comp...
Kth Kth Kerberos 4
Kth Kth Kerberos 5
Mit Kerberos 5
Debian Debian Linux 3.0
445
VMScore
CVE-1999-1099
Kerberos 4 allows remote malicious users to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user.
Kth Kth Kerberos 4
641
VMScore
CVE-2001-0035
Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long authentication request.
Kth Kth Kerberos 4
108
VMScore
CVE-2001-0036
KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file.
Kth Kth Kerberos 4
668
VMScore
CVE-2002-0600
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.
Kth Kth Kerberos 4 1.0.2
Kth Kth Kerberos 4 1.0.3
Kth Kth Kerberos 4 1.0.4
Kth Kth Kerberos 4 1.1.1
Luke Mewburn Lukemftp 1.5
641
VMScore
CVE-2001-0033
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
Kth Kth Kerberos 4
Netbsd Netbsd 1.5
725
VMScore
CVE-2001-0034
KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges.
Kth Kth Kerberos
1 EDB exploit
445
VMScore
CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and previous versions, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual bo...
Gnu Glibc
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started