Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0900
Buffer overflow in pks PGP public key web server prior to 0.9.5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability.
Mit Pgp Public Key Server 0.9.2
Mit Pgp Public Key Server 0.9.4
1 EDB exploit
7.5
CVSSv2
CVE-2001-1323
Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output fr...
Mit Kerberos 5
7.5
CVSSv2
CVE-1999-1321
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote malicious users to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
Mit Kerberos V
7.2
CVSSv2
CVE-2007-3149
sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE: anot...
Mit Kerberos 5 -
Todd Miller Sudo 1.6.8 P12
7.2
CVSSv2
CVE-2006-3083
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which allows local users to gain privileges by causin...
Heimdal Heimdal 0.7.2
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.5
7.2
CVSSv2
CVE-2006-3084
The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileg...
Mit Kerberos 5 1.5
Heimdal Heimdal
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
7.2
CVSSv2
CVE-2004-0884
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and previous versions trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs.
Cyrus Sasl 2.1.10
Cyrus Sasl 2.1.11
Cyrus Sasl 2.1.18
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.9
Cyrus Sasl 2.1.12
Cyrus Sasl 2.1.13
Conectiva Linux 10.0
Conectiva Linux 9.0
Cyrus Sasl 1.5.24
Cyrus Sasl 2.1.14
Cyrus Sasl 2.1.15
Cyrus Sasl 1.5.27
Cyrus Sasl 1.5.28
Cyrus Sasl 2.1.16
Cyrus Sasl 2.1.17
7.2
CVSSv2
CVE-2004-1189
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds er...
Mit Kerberos 5
7.2
CVSSv2
CVE-2004-0106
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
Xfree86 Project X11r6 4.3.0
Xfree86 Project X11r6 4.2.1
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
7.2
CVSSv2
CVE-2002-1160
The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses s...
Redhat Linux 7.1
Redhat Linux 7.2
Redhat Linux 7.3
Redhat Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »