Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2004-0971
The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 up to and including 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Mit Kerberos 5 1.3.4
5
CVSSv2
CVE-2011-0283
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet.
Mit Kerberos 5 1.9
4.3
CVSSv2
CVE-2020-27428
A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted sb3 file.
Mit Scratch-svg-renderer 0.2.0
4.6
CVSSv2
CVE-1999-0143
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
Process Software Multinet 3.4
Mit Kerberos 4.0
Process Software Multinet 3.5
Mit Kerberos 5 -
Sun Sunos 5.3
Sun Sunos 5.4
8.5
CVSSv2
CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 up to and including 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authentica...
Mit Kerberos 5
Fedoraproject Fedora 7
7.2
CVSSv2
CVE-2007-3149
sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE: anot...
Mit Kerberos 5 -
Todd Miller Sudo 1.6.8 P12
9.3
CVSSv2
CVE-2007-6429
Multiple integer overflows in X.Org Xserver prior to 1.4.1 allow context-dependent malicious users to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or ...
X.org Xserver
X.org Evi
X.org Mit-shm
7.2
CVSSv2
CVE-1999-0713
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
Mit Kerberos 5 -
Cde Cde
Transarc Afs
Digital Unix
3.5
CVSSv2
CVE-2018-20217
A Reachable Assertion issue exists in the KDC in MIT Kerberos 5 (aka krb5) prior to 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
Mit Kerberos
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2005-0488
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
Microsoft Telnet Client 5.1.2600.2180
Mit Kerberos 5 1.3.4
Sun Sunos 5.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »