Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kerberos 5 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2007-0957
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 prior to 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerb...
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
8.5
CVSSv2
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Resilient Storage 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Gluster Storage 3.0
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Openstack 13
1 Github repository
8.5
CVSSv2
CVE-2015-2698
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspeci...
Mit Kerberos 5 1.14
8.5
CVSSv2
CVE-2014-4345
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x up to and including 1.11.x prior to 1.11.6 and 1.12.x prior to 1.12.2 allows remote authenticated users...
Mit Kerberos 5 1.10.1
Mit Kerberos 5 1.10.2
Mit Kerberos 5 1.11.4
Mit Kerberos 5 1.6
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.8.4
Mit Kerberos 5 1.9.4
Mit Kerberos 5 1.10.3
Mit Kerberos 5 1.10.4
Mit Kerberos 5 1.6.1
Mit Kerberos 5 1.6.2
Mit Kerberos 5 1.8.5
Mit Kerberos 5 1.8.6
Mit Kerberos 5 1.11.5
Mit Kerberos 5 1.12
Mit Kerberos 5 1.11
Mit Kerberos 5 1.11.1
Mit Kerberos 5 1.7
Mit Kerberos 5 1.7.1
Mit Kerberos 5 1.9
Mit Kerberos 5 1.9.1
8.5
CVSSv2
CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 up to and including 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authentica...
Mit Kerberos 5
Fedoraproject Fedora 7
8.3
CVSSv2
CVE-2007-2443
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and previous versions might allow remote malicious users to execute arbitrary code via a negative length value.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
7.8
CVSSv2
CVE-2012-4660
The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 prior to 8.2(5.17), 8.3 prior to 8.3(2.28), 8.4 prior to 8.4(2.13), 8.5 prior to 8.5(1.4), and 8...
Cisco Adaptive Security Appliance Software 8.2
Cisco Adaptive Security Appliance Software 8.2\\(1\\)
Cisco Adaptive Security Appliance Software 8.2\\(2\\)
Cisco Adaptive Security Appliance Software 8.2\\(3\\)
Cisco Adaptive Security Appliance Software 8.2\\(3.9\\)
Cisco Adaptive Security Appliance Software 8.2\\(4\\)
Cisco Adaptive Security Appliance Software 8.2\\(4.1\\)
Cisco Adaptive Security Appliance Software 8.2\\(4.4\\)
Cisco Adaptive Security Appliance Software 8.2\\(5\\)
Cisco Adaptive Security Appliance Software 8.3\\(1\\)
Cisco Adaptive Security Appliance Software 8.3\\(2\\)
Cisco Adaptive Security Appliance Software 8.4
Cisco Adaptive Security Appliance Software 8.4\\(1\\)
Cisco Adaptive Security Appliance Software 8.4\\(1.11\\)
Cisco Adaptive Security Appliance Software 8.4\\(2\\)
Cisco Adaptive Security Appliance Software 8.4\\(2.11\\)
Cisco Adaptive Security Appliance Software 8.5
Cisco Adaptive Security Appliance Software 8.5\\(1\\)
Cisco Adaptive Security Appliance Software 8.6
Cisco Adaptive Security Appliance Software 8.6\\(1\\)
Cisco 5500 Series Adaptive Security Appliance
Cisco Catalyst 6500
7.8
CVSSv2
CVE-2011-4151
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 up to and including 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via...
Mit Kerberos 5 1.8.1
Mit Kerberos 5 1.8
Mit Kerberos 5 1.8.4
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.8.2
7.8
CVSSv2
CVE-2011-1527
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 up to and including 1.9.1, when the LDAP back end is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with i...
Mit Kerberos 5 1.9.1
Mit Kerberos 5 1.9
7.8
CVSSv2
CVE-2011-1528
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 up to and including 1.8.4 and 1.9 up to and including 1.9.1, when the LDAP back end is used, allows remote malicious users to cause a denial of service (assertion failure an...
Mit Kerberos 5 1.8.4
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8
Mit Kerberos 5 1.9.1
Mit Kerberos 5 1.9
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »