Mit Kerberos vulnerabilities
35 known vulnerabilities affecting mit/kerberos.
Total CVEs
35
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL7HIGH7MEDIUM18LOW3
Vulnerabilities
Page 2 of 2
CVE-2011-0281P4MEDIUMCVSS 5.0v5-1.6.32011-02-10
CVE-2011-0281 [MEDIUM] CWE-310 CVE-2011-0281: The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x t
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
nvd
CVE-2011-0282P4MEDIUMCVSS 5.0v5-1.6.32011-02-10
CVE-2011-0282 [MEDIUM] CVE-2011-0282: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backe
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
nvd
CVE-2010-1323P4LOWCVSS 3.7v5-1.5.42010-12-02
CVE-2010-1323 [LOW] CWE-310 CVE-2010-1323: MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not proper
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4
nvd
CVE-2000-0548P4MEDIUMCVSS 5.0fixed in 4.0v4.02000-06-09
CVE-2000-0548 [MEDIUM] CWE-120 CVE-2000-0548: Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via t
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
nvd
CVE-2003-0082P4MEDIUMCVSS 5.0v1.0v1.2.2.beta12003-04-02
CVE-2003-0082 [MEDIUM] CVE-2003-0082: The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticate
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").
nvd
CVE-2003-0072P4MEDIUMCVSS 5.0v1.0v1.2.2.beta12003-04-02
CVE-2003-0072 [MEDIUM] CVE-2003-0072: The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticate
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").
nvd
CVE-2013-6800P4MEDIUMCVSS 4.0v5-1.10.5v5-1.10.6+1 more2013-11-18
CVE-2013-6800 [MEDIUM] CVE-2013-6800: An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
nvd
CVE-2014-5354P4LOWCVSS 3.5v5_1.132014-12-16
CVE-2014-5354 [LOW] CVE-2014-5354: plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all"
nvd
CVE-2000-0546P4MEDIUMCVSS 5.0fixed in 4.0v4.02000-06-09
CVE-2000-0546 [MEDIUM] CWE-120 CVE-2000-0546: Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via t
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.
nvd
CVE-2000-0547P4MEDIUMCVSS 5.0fixed in 4.0v4.02000-06-09
CVE-2000-0547 [MEDIUM] CWE-120 CVE-2000-0547: Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via t
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.
nvd
CVE-2000-0550P4MEDIUMCVSS 5.0v4.02000-06-09
CVE-2000-0550 [MEDIUM] CVE-2000-0550: Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attack
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
nvd
CVE-2000-0549P4MEDIUMCVSS 5.0v4.02000-06-09
CVE-2000-0549 [MEDIUM] CVE-2000-0549: Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
nvd
CVE-2009-0847P4MEDIUMCVSS 4.3v5-1.6.32009-04-09
CVE-2009-0847 [MEDIUM] CWE-189 CVE-2009-0847: The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
nvd
CVE-2001-0417P4LOWCVSS 2.1v42001-06-27
CVE-2001-0417 [LOW] CVE-2001-0417: Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ti
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.
nvd
CVE-1999-0143P4MEDIUMCVSS 4.6v4.01996-02-21
CVE-1999-0143 [MEDIUM] CVE-1999-0143: Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
nvd
← Previous2 / 2