Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit kerberos vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-20217
A Reachable Assertion issue exists in the KDC in MIT Kerberos 5 (aka krb5) prior to 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
Mit Kerberos
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2018-16853
Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experime...
Samba Samba
6.5
CVSSv3
CVE-2018-5710
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote...
Mit Kerberos
7.5
CVSSv3
CVE-2018-5709
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. A...
Mit Kerberos
7.5
CVSSv3
CVE-2017-17439
In Heimdal up to and including 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation...
Debian Debian Linux 9.0
Heimdal Project Heimdal
9.8
CVSSv3
CVE-2017-15088
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) up to and including 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in ...
Mit Kerberos 5
9.8
CVSSv3
CVE-2017-11462
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows malicious users to have unspecified impact via vectors involving automatic deletion of security contexts on error.
Mit Kerberos 5 1.14
Mit Kerberos 5 1.14.1
Mit Kerberos 5 1.14.2
Mit Kerberos 5 1.14.3
Mit Kerberos 5 1.14.4
Mit Kerberos 5 1.14.5
Mit Kerberos 5 1.15
Mit Kerberos 5 1.15.1
Fedoraproject Fedora 26
Fedoraproject Fedora 25
8.1
CVSSv3
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2016-3120
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.13.6 and 1.4.x prior to 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users ...
Mit Kerberos 5 1.13
Mit Kerberos 5 1.13.1
Mit Kerberos 5 1.13.2
Mit Kerberos 5 1.13.3
Mit Kerberos 5 1.13.4
Mit Kerberos 5 1.13.5
Mit Kerberos 5 1.13.6
Mit Kerberos 5 1.14
Mit Kerberos 5 1.14.1
Mit Kerberos 5 1.14.2
NA
CVE-2015-2698
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspeci...
Mit Kerberos 5 1.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »