Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kerberos vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2002-1235
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and previous versions, (2) kadmind in KTH Kerberos 4 (eBones) prior to 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) prior to 0.5.1 when comp...
Kth Kth Kerberos 4
Kth Kth Kerberos 5
Mit Kerberos 5
Debian Debian Linux 3.0
2.1
CVSSv2
CVE-2001-0417
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.
Mit Kerberos 5 1.5.2
Mit Kerberos 4
7.8
CVSSv2
CVE-2011-1527
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 up to and including 1.9.1, when the LDAP back end is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with i...
Mit Kerberos 5 1.9.1
Mit Kerberos 5 1.9
5.5
CVSSv2
CVE-2012-1012
server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 prior to 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attribu...
Mit Kerberos 5 1.10
Mit Kerberos 5 1.10.1
7.5
CVSSv2
CVE-2003-0059
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 prior to 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
Mit Kerberos 5 1.2.2
Mit Kerberos 5 1.2.1
5
CVSSv2
CVE-2001-1443
KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote malicious users to read communications via a man-in-the-middle attack.
Kth Kth Kerberos 4
Kth Kth Kerberos 5
7.5
CVSSv2
CVE-2001-1444
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote malicious users to downgrade authentication and encryption mechanisms via a man-in-the-middle...
Kth Kth Kerberos 4
Kth Kth Kerberos 5
10
CVSSv2
CVE-2000-0514
GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote malicious users to cause a denial of service, and local users to gain root privileges.
Mit Kerberos 5 1.1
Mit Kerberos 5 1.1.1
5
CVSSv2
CVE-2013-1415
The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.10.4 and 1.11.x prior to 1.11.1 does not properly handle errors during extraction of fiel...
Mit Kerberos 5
Mit Kerberos 5 1.11
Opensuse Opensuse 11.4
5
CVSSv2
CVE-2003-0058
MIT Kerberos V5 Key Distribution Center (KDC) prior to 1.2.5 allows remote authenticated malicious users to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
Mit Kerberos 5 1.2.4
Sun Enterprise Authentication Mechanism 1.0
Mit Kerberos 5 1.2.2
Mit Kerberos 5 1.2.3
Mit Kerberos 5 1.2.1
Sun Sunos 5.8
Sun Solaris 8.0
Sun Solaris 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »