Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit kerberos 4 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-10595
pam-krb5 prior to 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to...
Pam-krb5 Project Pam-krb5
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
668
VMScore
CVE-2005-1689
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and previous versions allows remote malicious users to execute arbitrary code via certain error conditions.
Mit Kerberos 5
Apple Mac Os X Server
Apple Mac Os X
Debian Debian Linux 3.1
Debian Debian Linux 3.0
668
VMScore
CVE-2005-1175
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Mit Kerberos 5 1.3.2
Mit Kerberos 5 1.3.3
Mit Kerberos 5 1.3.4
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.3
Mit Kerberos 5 1.3.1
Mit Kerberos 5 1.3.5
Mit Kerberos 5 1.3.6
668
VMScore
CVE-2005-0469
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote malicious users to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
Ncsa Telnet
668
VMScore
CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Debian Debian Linux 3.0
668
VMScore
CVE-2003-0138
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an malicious user to impersonate any principal in a realm via a chosen-plaintext attack.
Mit Kerberos 4
668
VMScore
CVE-2003-0139
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an malicious user to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ti...
Mit Kerberos 4
625
VMScore
CVE-2009-0360
Russ Allbery pam-krb5 prior to 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching...
Eyrie Pam-krb5 3.8
Eyrie Pam-krb5 3.7
Eyrie Pam-krb5 3.0
Eyrie Pam-krb5 2.6
Eyrie Pam-krb5
Eyrie Pam-krb5 3.11
Eyrie Pam-krb5 3.4
Eyrie Pam-krb5 3.3
Eyrie Pam-krb5 2.3
Eyrie Pam-krb5 2.2
Eyrie Pam-krb5 3.10
Eyrie Pam-krb5 3.9
Eyrie Pam-krb5 3.2
Eyrie Pam-krb5 3.1
Eyrie Pam-krb5 2.1
Eyrie Pam-krb5 2.0
Eyrie Pam-krb5 3.6
Eyrie Pam-krb5 3.5
Eyrie Pam-krb5 2.5
Eyrie Pam-krb5 2.4
1 EDB exploit
605
VMScore
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
534
VMScore
CVE-2018-16860
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and ...
Samba Samba
Heimdal Project Heimdal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »