Filtered by vendor Mit
Subscribe
Total
155 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0546 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. | |||||
| CVE-2003-0058 | 2 Mit, Sun | 4 Kerberos 5, Enterprise Authentication Mechanism, Solaris and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | |||||
| CVE-2004-0644 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. | |||||
| CVE-2003-0028 | 10 Cray, Freebsd, Gnu and 7 more | 13 Unicos, Freebsd, Glibc and 10 more | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | |||||
| CVE-2004-1189 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 7.2 HIGH | N/A |
| The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow. | |||||
| CVE-2002-1575 | 1 Mit | 1 Cgiemail | 2025-04-03 | 5.0 MEDIUM | N/A |
| cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | |||||
| CVE-2003-0059 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. | |||||
| CVE-2000-0548 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function. | |||||
| CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | |||||
| CVE-2003-0082 | 1 Mit | 2 Kerberos, Kerberos 5 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun"). | |||||
| CVE-2002-0036 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | |||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
| CVE-2000-0514 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 10.0 HIGH | N/A |
| GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges. | |||||
| CVE-2024-26462 | 2 Mit, Netapp | 11 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 8 more | 2025-03-25 | N/A | 5.5 MEDIUM |
| Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. | |||||
| CVE-2024-37371 | 2 Debian, Mit | 2 Debian Linux, Kerberos 5 | 2025-03-13 | N/A | 9.1 CRITICAL |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. | |||||
| CVE-2024-37370 | 1 Mit | 1 Kerberos 5 | 2025-03-13 | N/A | 7.5 HIGH |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. | |||||
| CVE-2023-39975 | 1 Mit | 1 Kerberos 5 | 2024-11-21 | N/A | 8.8 HIGH |
| kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. | |||||
| CVE-2023-36054 | 3 Debian, Mit, Netapp | 7 Debian Linux, Kerberos 5, Active Iq Unified Manager and 4 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. | |||||
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | |||||
| CVE-2021-37750 | 5 Debian, Fedoraproject, Mit and 2 more | 5 Debian Linux, Fedora, Kerberos 5 and 2 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. | |||||