Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit kerberos 4.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2008-0062
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
9.8
CVSSv3
CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Debian Debian Linux 3.0
7.5
CVSSv3
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote malicious users to obtain sensitive information, aka "Uninitialized stack values."
Mit Kerberos 5
Apple Mac Os X
Apple Mac Os X Server
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux 10.1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
NA
CVE-2009-0846
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) prior to 1.6.4 allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving...
Mit Kerberos 5
Fedoraproject Fedora 10
Fedoraproject Fedora 9
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Apple Mac Os X
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Eus 4.7
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
NA
CVE-2007-2442
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and previous versions might allow remote malicious users to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
NA
CVE-2007-2443
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and previous versions might allow remote malicious users to execute arbitrary code via a negative length value.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
NA
CVE-2007-2798
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
Mit Kerberos 5
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
Debian Debian Linux 4.0
NA
CVE-2007-0956
The telnet daemon (telnetd) in MIT krb5 prior to 1.6.1 allows remote malicious users to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
NA
CVE-2007-0957
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 prior to 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerb...
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
NA
CVE-2007-1216
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 prior to 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to...
Mit Kerberos 5
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
Debian Debian Linux 4.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »