Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kerberos 5 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2007-1216
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 prior to 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to...
Mit Kerberos 5
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Debian Debian Linux 3.1
Debian Debian Linux 4.0
1 Github repository
8.5
CVSSv2
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Resilient Storage 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Gluster Storage 3.0
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Openstack 13
1 Github repository
8.5
CVSSv2
CVE-2015-2698
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspeci...
Mit Kerberos 5 1.14
8.5
CVSSv2
CVE-2014-4345
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x up to and including 1.11.x prior to 1.11.6 and 1.12.x prior to 1.12.2 allows remote authenticated users...
Mit Kerberos 5 1.10.1
Mit Kerberos 5 1.10.2
Mit Kerberos 5 1.11.4
Mit Kerberos 5 1.6
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.8.4
Mit Kerberos 5 1.9.4
Mit Kerberos 5 1.10.3
Mit Kerberos 5 1.10.4
Mit Kerberos 5 1.6.1
Mit Kerberos 5 1.6.2
Mit Kerberos 5 1.8.5
Mit Kerberos 5 1.8.6
Mit Kerberos 5 1.11.5
Mit Kerberos 5 1.12
Mit Kerberos 5 1.11
Mit Kerberos 5 1.11.1
Mit Kerberos 5 1.7
Mit Kerberos 5 1.7.1
Mit Kerberos 5 1.9
Mit Kerberos 5 1.9.1
8.5
CVSSv2
CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 up to and including 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authentica...
Mit Kerberos 5
Fedoraproject Fedora 7
8.3
CVSSv2
CVE-2007-2443
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and previous versions might allow remote malicious users to execute arbitrary code via a negative length value.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
7.8
CVSSv2
CVE-2012-4660
The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 prior to 8.2(5.17), 8.3 prior to 8.3(2.28), 8.4 prior to 8.4(2.13), 8.5 prior to 8.5(1.4), and 8...
Cisco Adaptive Security Appliance Software 8.2
Cisco Adaptive Security Appliance Software 8.2\\(1\\)
Cisco Adaptive Security Appliance Software 8.2\\(2\\)
Cisco Adaptive Security Appliance Software 8.2\\(3\\)
Cisco Adaptive Security Appliance Software 8.2\\(3.9\\)
Cisco Adaptive Security Appliance Software 8.2\\(4\\)
Cisco Adaptive Security Appliance Software 8.2\\(4.1\\)
Cisco Adaptive Security Appliance Software 8.2\\(4.4\\)
Cisco Adaptive Security Appliance Software 8.2\\(5\\)
Cisco Adaptive Security Appliance Software 8.3\\(1\\)
Cisco Adaptive Security Appliance Software 8.3\\(2\\)
Cisco Adaptive Security Appliance Software 8.4
Cisco Adaptive Security Appliance Software 8.4\\(1\\)
Cisco Adaptive Security Appliance Software 8.4\\(1.11\\)
Cisco Adaptive Security Appliance Software 8.4\\(2\\)
Cisco Adaptive Security Appliance Software 8.4\\(2.11\\)
Cisco Adaptive Security Appliance Software 8.5
Cisco Adaptive Security Appliance Software 8.5\\(1\\)
Cisco Adaptive Security Appliance Software 8.6
Cisco Adaptive Security Appliance Software 8.6\\(1\\)
Cisco 5500 Series Adaptive Security Appliance
Cisco Catalyst 6500
7.8
CVSSv2
CVE-2011-1528
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 up to and including 1.8.4 and 1.9 up to and including 1.9.1, when the LDAP back end is used, allows remote malicious users to cause a denial of service (assertion failure an...
Mit Kerberos 5 1.8.4
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8
Mit Kerberos 5 1.9.1
Mit Kerberos 5 1.9
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.8.1
7.8
CVSSv2
CVE-2011-1529
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 up to and including 1.8.4 and 1.9 up to and including 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote malicious users to cause a denial of servic...
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8.1
Mit Kerberos 5 1.9
Mit Kerberos 5 1.8.4
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.8
Mit Kerberos 5 1.9.1
7.8
CVSSv2
CVE-2011-1527
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 up to and including 1.9.1, when the LDAP back end is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with i...
Mit Kerberos 5 1.9.1
Mit Kerberos 5 1.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »