cvebase

MIT Kerberos 5 vulnerabilities

135 known vulnerabilities affecting mit/kerberos_5.

Total CVEs: 135
CISA KEV: 0
Public exploits: 5
Exploited in wild: 2
Severity breakdown: CRITICAL 32, HIGH 35, MEDIUM 58, LOW 10

Vulnerabilities

Page 6 of 7
CVE-2006-6144 | P4 | MEDIUM | CVSS 5.0 | ≥ 1.5, ≤ 1.5.1 | 2006-12-31
CVE-2006-6144 [MEDIUM]: The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to free uninitialized pointers.
nvd
CVE-2003-0059 | P4 | HIGH | CVSS 7.5 | v1.2.1, v1.2.2 | 2003-02-19
CVE-2003-0059 [HIGH]: Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
nvd
CVE-2011-0283 | P4 | MEDIUM | CVSS 5.0 | v1.9 | 2011-02-10
CVE-2011-0283 [MEDIUM]: The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request packet that does not trigger a response packet.
nvd
CVE-2012-1016 | P4 | MEDIUM | CVSS 5.0 | fixed in 1.10.4 | 2013-03-05
CVE-2012-1016 [MEDIUM] CWE-476: The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and
nvd
CVE-2024-26458 | P4 | MEDIUM | CVSS 5.3 | v1.21.2 | 2024-02-29
CVE-2024-26458 [MEDIUM] CWE-401: Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
nvd
CVE-2004-0644 | P4 | MEDIUM | CVSS 5.0 | v1.2.2, v1.2.3, +10 more | 2004-09-28
CVE-2004-0644 [MEDIUM]: The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
nvd
CVE-2010-1324 | P4 | LOW | CVSS 3.7 | v1.7, v1.7.1, +4 more | 2010-12-02
CVE-2010-1324 [LOW] CWE-310: MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
nvd
CVE-1999-1296 | P4 | HIGH | CVSS 7.2 | v1.5.2 | 1997-04-29
CVE-1999-1296 [HIGH]: Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.
nvd
CVE-2015-2697 | P4 | MEDIUM | CVSS 4.0 | fixed in 1.14 | 2015-11-09
CVE-2015-2697 [MEDIUM] CWE-125: The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
nvd
CVE-2014-5353 | P4 | LOW | CVSS 3.5 | fixed in 1.13.1 | 2014-12-16
CVE-2014-5353 [LOW] CWE-476: The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password
nvd
CVE-2012-1013 | P4 | MEDIUM | CVSS 4.0 | v1.8, v1.8.1, +11 more | 2012-06-07
CVE-2012-1013 [MEDIUM]: The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that lacks a password.
nvd
CVE-2010-1323 | P4 | LOW | CVSS 3.7 | v1.3, v1.3.1, +23 more | 2010-12-02
CVE-2010-1323 [LOW] CWE-310: MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4
nvd
CVE-2005-1174 | P4 | MEDIUM | CVSS 5.0 | v1.3, v1.3.1, +7 more | 2005-07-18
CVE-2005-1174 [MEDIUM]: MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
nvd
CVE-2002-0036 | P4 | MEDIUM | CVSS 5.0 | v1.2.1, v1.2.2, +2 more | 2003-02-19
CVE-2002-0036 [MEDIUM]: Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
nvd
CVE-2004-0643 | P4 | MEDIUM | CVSS 4.6 | ≤ 1.3.3 | 2004-09-28
CVE-2004-0643 [MEDIUM] CWE-415: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
nvd
CVE-2013-1416 | P4 | MEDIUM | CVSS 4.0 | fixed in 1.10.5 | 2013-04-19
CVE-2013-1416 [MEDIUM] CWE-476: The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
nvd
CVE-2018-5730 | P4 | LOW | CVSS 3.8 | ≥ 5-1.6, < 5-1.21.2 | 2018-03-06
CVE-2018-5730 [LOW] CWE-90: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
nvd
CVE-2003-0058 | P4 | MEDIUM | CVSS 5.0 | v1.2.1, v1.2.2, +2 more | 2003-02-19
CVE-2003-0058 [MEDIUM]: MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
nvd
CVE-2000-0548 | P4 | MEDIUM | CVSS 5.0 | ≥ 1.0, ≤ 1.0.7; v1.1, +1 more | 2000-06-09
CVE-2000-0548 [MEDIUM] CWE-120: Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
nvd
CVE-2003-0082 | P4 | MEDIUM | CVSS 5.0 | v1.0.6, v1.1, +10 more | 2003-04-02
CVE-2003-0082 [MEDIUM]: The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").
nvd