Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pam-krb5 project pam-krb5 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-10595
pam-krb5 prior to 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to...
Pam-krb5 Project Pam-krb5
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2009-0361
Russ Allbery pam-krb5 prior to 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME env...
Eyrie Pam-krb5 3.2
Eyrie Pam-krb5 3.3
Eyrie Pam-krb5
Eyrie Pam-krb5 3.0
Eyrie Pam-krb5 3.1
Eyrie Pam-krb5 3.6
Eyrie Pam-krb5 3.7
Eyrie Pam-krb5 3.10
Eyrie Pam-krb5 3.11
Eyrie Pam-krb5 3.8
Eyrie Pam-krb5 3.9
Eyrie Pam-krb5 3.4
Eyrie Pam-krb5 3.5
NA
CVE-2009-0360
Russ Allbery pam-krb5 prior to 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching...
Eyrie Pam-krb5 3.8
Eyrie Pam-krb5 3.7
Eyrie Pam-krb5 3.0
Eyrie Pam-krb5 2.6
Eyrie Pam-krb5
Eyrie Pam-krb5 3.11
Eyrie Pam-krb5 3.4
Eyrie Pam-krb5 3.3
Eyrie Pam-krb5 2.3
Eyrie Pam-krb5 2.2
Eyrie Pam-krb5 3.10
Eyrie Pam-krb5 3.9
Eyrie Pam-krb5 3.2
Eyrie Pam-krb5 3.1
Eyrie Pam-krb5 2.1
Eyrie Pam-krb5 2.0
Eyrie Pam-krb5 3.6
Eyrie Pam-krb5 3.5
Eyrie Pam-krb5 2.5
Eyrie Pam-krb5 2.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started