Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5972
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must hav...
Mit Kerberos 5 1.5
NA
CVE-2011-0283
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet.
Mit Kerberos 5 1.9
6.1
CVSSv3
CVE-2020-27428
A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted sb3 file.
Mit Scratch-svg-renderer 0.2.0
NA
CVE-1999-0143
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
Process Software Multinet 3.4
Mit Kerberos 4.0
Process Software Multinet 3.5
Mit Kerberos 5 -
Sun Sunos 5.3
Sun Sunos 5.4
NA
CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 up to and including 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authentica...
Mit Kerberos 5
Fedoraproject Fedora 7
NA
CVE-2007-6429
Multiple integer overflows in X.Org Xserver prior to 1.4.1 allow context-dependent malicious users to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or ...
X.org Xserver
X.org Evi
X.org Mit-shm
NA
CVE-2007-3149
sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE: anot...
Mit Kerberos 5 -
Todd Miller Sudo 1.6.8 P12
NA
CVE-1999-0713
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
Mit Kerberos 5 -
Cde Cde
Transarc Afs
Digital Unix
5.3
CVSSv3
CVE-2018-20217
A Reachable Assertion issue exists in the KDC in MIT Kerberos 5 (aka krb5) prior to 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
Mit Kerberos
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2005-0488
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
Microsoft Telnet Client 5.1.2600.2180
Mit Kerberos 5 1.3.4
Sun Sunos 5.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »