Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit kerberos vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-5709
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. A...
Mit Kerberos
7.5
CVSSv3
CVE-2017-17439
In Heimdal up to and including 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation...
Debian Debian Linux 9.0
Heimdal Project Heimdal
7.5
CVSSv3
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote malicious users to obtain sensitive information, aka "Uninitialized stack values."
Mit Kerberos 5
Apple Mac Os X
Apple Mac Os X Server
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux 10.1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
7.4
CVSSv3
CVE-2019-12098
In the client side of Heimdal prior to 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
Heimdal Project Heimdal
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2023-36054
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) prior to 1.20.2 and 1.21.x prior to 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_...
Mit Kerberos 5 1.21
Mit Kerberos 5
Debian Debian Linux 10.0
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
Netapp Ontap Tools -
Netapp Clustered Data Ontap 9.0
1 Github repository
6.5
CVSSv3
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory w...
Samba Samba
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2021-3671
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
Samba Samba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
6.5
CVSSv3
CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.18.5 and 1.19.x prior to 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
Mit Kerberos 5
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Starwindsoftware Starwind Virtual San V8r13
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0
6.5
CVSSv3
CVE-2018-5710
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote...
Mit Kerberos
6.5
CVSSv3
CVE-2016-3120
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.13.6 and 1.4.x prior to 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users ...
Mit Kerberos 5 1.13
Mit Kerberos 5 1.13.1
Mit Kerberos 5 1.13.2
Mit Kerberos 5 1.13.3
Mit Kerberos 5 1.13.4
Mit Kerberos 5 1.13.5
Mit Kerberos 5 1.13.6
Mit Kerberos 5 1.14
Mit Kerberos 5 1.14.1
Mit Kerberos 5 1.14.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »