Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kerberos vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2000-0389
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote malicious users to gain root privileges.
Cygnus Cygnus Network Security 4.0
Cygnus Kerbnet 5.0
Mit Kerberos 5 1.0
Mit Kerberos 4.0
Mit Kerberos 5 1.1.1
Redhat Linux 6.2
3 EDB exploits
890
VMScore
CVE-2000-0390
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote malicious users to gain root privileges.
Mit Kerberos 5 1.1.1
Cygnus Cygnus Network Security 4.0
Mit Kerberos 4.0
Cygnus Kerbnet 5.0
Mit Kerberos 5 1.0
Redhat Linux 6.2
890
VMScore
CVE-2000-0391
Buffer overflow in krshd in Kerberos 5 allows remote malicious users to gain root privileges.
Cygnus Kerbnet 5.0
Mit Kerberos 4.0
Mit Kerberos 5 1.0
Mit Kerberos 5 1.1.1
Cygnus Cygnus Network Security 4.0
Redhat Linux 6.2
641
VMScore
CVE-2000-0392
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
Cygnus Cygnus Network Security 4.0
Cygnus Kerbnet 5.0
Mit Kerberos 4.0
Mit Kerberos 5 1.0
Mit Kerberos 5 1.1.1
Redhat Linux 6.2
NA
CVE-2022-42898
PAC parsing in MIT Kerberos 5 (aka krb5) prior to 1.19.4 and 1.20.x prior to 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and...
Mit Kerberos 5
Mit Kerberos 5 1.20
Heimdal Project Heimdal
Samba Samba
447
VMScore
CVE-2018-5709
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. A...
Mit Kerberos
356
VMScore
CVE-2018-5710
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote...
Mit Kerberos
668
VMScore
CVE-2017-15088
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) up to and including 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in ...
Mit Kerberos 5
NA
CVE-2023-39975
kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 prior to 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.
Mit Kerberos 5
668
VMScore
CVE-2003-0138
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an malicious user to impersonate any principal in a realm via a chosen-plaintext attack.
Mit Kerberos 4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »