Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit krb5-appl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-39028
telnetd in GNU Inetutils up to and including 2.3, MIT krb5-appl up to and including 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available ...
Gnu Inetutils
Mit Kerberos 5
Debian Debian Linux 10.0
Netkit-telnet Project Netkit-telnet
5.9
CVSSv3
CVE-2019-25017
An issue exists in rcp in MIT krb5-appl up to and including 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (o...
Mit Krb5-appl
7.5
CVSSv3
CVE-2019-25018
In the rcp client in MIT krb5-appl up to and including 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on th...
Mit Krb5-appl
NA
CVE-2011-4862
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 up to and including 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and previous versions, Heimdal 1.5.1 and previous versions, GNU inetutils, and possibly other products allows remote malicious users...
Gnu Inetutils
Heimdal Project Heimdal
Mit Krb5-appl
Freebsd Freebsd
Fedoraproject Fedora 15
Fedoraproject Fedora 16
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
3 EDB exploits
4 Github repositories
1 Article
NA
CVE-2011-1526
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and previous versions does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, o...
Mit Krb5-appl
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Fedoraproject Fedora 14
Fedoraproject Fedora 15
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started