Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit kerberos 4 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-1999-0143
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
Process Software Multinet 3.4
Mit Kerberos 4.0
Process Software Multinet 3.5
Mit Kerberos 5 -
Sun Sunos 5.3
Sun Sunos 5.4
7.5
CVSSv2
CVE-2005-1689
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and previous versions allows remote malicious users to execute arbitrary code via certain error conditions.
Mit Kerberos 5
Apple Mac Os X Server
Apple Mac Os X
Debian Debian Linux 3.1
Debian Debian Linux 3.0
5
CVSSv2
CVE-2021-36222
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.18.4 and 1.19.x prior to 1.19.2 allows remote malicious users to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly ma...
Mit Kerberos 5
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
Oracle Mysql Server
1 Github repository
7.5
CVSSv2
CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Debian Debian Linux 3.0
4
CVSSv2
CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.18.5 and 1.19.x prior to 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
Mit Kerberos 5
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Starwindsoftware Starwind Virtual San V8r13
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0
4
CVSSv2
CVE-2010-0629
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 up to and including 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version nu...
Mit Kerberos 5
Fedoraproject Fedora 11
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Suse Linux Enterprise 11.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
10
CVSSv2
CVE-2001-0247
Buffer overflows in BSD-based FTP servers allows remote malicious users to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
Mit Kerberos 5 1.2.1
Mit Kerberos 5 1.2.2
Sgi Irix 6.5.3
Sgi Irix 6.5.3f
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.5
Sgi Irix 6.5.6
Mit Kerberos 5 1.1.1
Sgi Irix 6.1
Sgi Irix 6.5.3m
Sgi Irix 6.5.4
Mit Kerberos 5 1.2
Sgi Irix 6.5.11
Sgi Irix 6.5.2m
Sgi Irix 6.5.7
Sgi Irix 6.5.8
Freebsd Freebsd 2.2
Freebsd Freebsd 3.1
Freebsd Freebsd 2.2.5
Freebsd Freebsd 2.2.6
Freebsd Freebsd 3.5
3 EDB exploits
9.3
CVSSv2
CVE-2008-0062
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
5
CVSSv2
CVE-2020-28196
MIT Kerberos 5 (aka krb5) prior to 1.17.2 and 1.18.x prior to 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
Mit Kerberos 5
Fedoraproject Fedora 31
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Mysql Server
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Cloud Native Core Policy 1.14.0
4.3
CVSSv2
CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote malicious users to obtain sensitive information, aka "Uninitialized stack values."
Mit Kerberos 5
Apple Mac Os X
Apple Mac Os X Server
Opensuse Opensuse 10.2
Opensuse Opensuse 10.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux 10.1
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »