Vulmon
MIT Kerberos 5 vulnerabilities and exploits
614
VMScore
CVE-2007-5971
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
Mit Kerberos 5
605
VMScore
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2011-1530
The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 up to and including 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that t...
Mit Mit Kerberos 5.1.9.2
Mit Mit Kerberos 5.1.9.1
Mit Mit Kerberos 5.1.9
605
VMScore
CVE-2010-3557
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was...
Sun Jre 1.6.0
Sun Jre
Sun Jdk 1.6.0
Sun Jdk
Sun Jdk 1.5.0
Sun Sdk
Sun Sdk 1.4.2 19
Sun Sdk 1.4.2
Sun Sdk 1.4.2 26
Sun Sdk 1.4.2 10
Sun Sdk 1.4.2 12
Sun Sdk 1.4.2 17
Sun Sdk 1.4.2 14
Sun Sdk 1.4.2 21
Sun Sdk 1.4.2 13
Sun Sdk 1.4.2 6
Sun Sdk 1.4.2 23
Sun Sdk 1.4.2 5
Sun Sdk 1.4.2 1
Sun Sdk 1.4.2 18
Sun Sdk 1.4.2 4
Sun Sdk 1.4.2 22
605
VMScore
CVE-2010-3549
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous informatio...
Sun Jre 1.6.0
Sun Jre
Sun Jdk 1.6.0
Sun Jdk
Sun Jdk 1.5.0
Sun Sdk
Sun Sdk 1.4.2 19
Sun Sdk 1.4.2
Sun Sdk 1.4.2 26
Sun Sdk 1.4.2 10
Sun Sdk 1.4.2 12
Sun Sdk 1.4.2 17
Sun Sdk 1.4.2 14
Sun Sdk 1.4.2 21
Sun Sdk 1.4.2 13
Sun Sdk 1.4.2 6
Sun Sdk 1.4.2 23
Sun Sdk 1.4.2 5
Sun Sdk 1.4.2 1
Sun Sdk 1.4.2 18
Sun Sdk 1.4.2 4
Sun Sdk 1.4.2 22
605
VMScore
CVE-2010-1321
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) up to and including 1.7.1 and 1.8 prior to 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authen...
Mit Kerberos 5
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Oracle Database Server -
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.0
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Fedoraproject Fedora 12
578
VMScore
CVE-2011-1526
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and previous versions does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, o...
Mit Krb5-appl
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Fedoraproject Fedora 15
Fedoraproject Fedora 14
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.4
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 11
578
VMScore
CVE-2010-1322
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x prior to 1.8.4 does not properly manage an index into an authorization-data list, which allows remote malicious users to cause a denial of service (daemon crash),...
Mit Kerberos 5 1.8
Mit Kerberos 5 1.8.1
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8.3
534
VMScore
CVE-2018-16860
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and ...
Samba Samba
Heimdal Project Heimdal
517
VMScore
CVE-2019-25017
An issue exists in rcp in MIT krb5-appl up to and including 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (o...
Mit Krb5-appl