Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kerberos vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-6144
The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 up to and including 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote malicious users to cause a denial of service (crash) via...
Mit Kerberos 5
668
VMScore
CVE-2017-15088
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) up to and including 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in ...
Mit Kerberos 5
668
VMScore
CVE-2001-1323
Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output fr...
Mit Kerberos 5
641
VMScore
CVE-2004-1189
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds er...
Mit Kerberos 5
668
VMScore
CVE-1999-1321
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote malicious users to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
Mit Kerberos V
725
VMScore
CVE-2001-0034
KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges.
Kth Kth Kerberos
1 EDB exploit
828
VMScore
CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under ...
Mit Kerberos 5 -
890
VMScore
CVE-2007-5902
Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote malicious users to have an unknown impact via a large length value for a GSS client name in an RPC request.
Mit Kerberos 5 -
445
VMScore
CVE-2012-1016
The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows r...
Mit Kerberos 5
668
VMScore
CVE-2014-8650
python-requests-Kerberos up to and including 0.5 does not handle mutual authentication
Requests-kerberos Project Requests-kerberos
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »