Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit kerberos 5 1.4.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4743
The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 up to and including 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in...
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.6
Mit Kerberos 5 1.6.1
Mit Kerberos 5 1.4
Mit Kerberos 5 1.5.2
Mit Kerberos 5 1.5.3
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4.4
Mit Kerberos 5 1.6.2
Mit Kerberos 5 1.5
Mit Kerberos 5 1.5.1
NA
CVE-2007-3999
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 up to and including 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party application...
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.6
Mit Kerberos 5 1.6.1
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4.4
Mit Kerberos 5 1.6.2
Mit Kerberos 5 1.4
Mit Kerberos 5 1.5.2
Mit Kerberos 5 1.5.3
Mit Kerberos 5 1.5
Mit Kerberos 5 1.5.1
NA
CVE-2007-2442
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and previous versions might allow remote malicious users to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
NA
CVE-2007-2443
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and previous versions might allow remote malicious users to execute arbitrary code via a negative length value.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
NA
CVE-2007-2798
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
Mit Kerberos 5
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
Debian Debian Linux 3.1
Debian Debian Linux 4.0
NA
CVE-2007-1216
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 prior to 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to...
Mit Kerberos 5
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Debian Debian Linux 3.1
Debian Debian Linux 4.0
1 Github repository
NA
CVE-2007-0956
The telnet daemon (telnetd) in MIT krb5 prior to 1.6.1 allows remote malicious users to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
NA
CVE-2007-0957
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 prior to 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerb...
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
NA
CVE-2006-6143
The RPC library in Kerberos 5 1.4 up to and including 1.4.4, and 1.5 up to and including 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote malicious use...
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4.4
Mit Kerberos 5 1.5
Mit Kerberos 5 1.5.1
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
NA
CVE-2006-3083
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which allows local users to gain privileges by causin...
Heimdal Heimdal 0.7.2
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »