Mit Krb5 vulnerabilities
124 known vulnerabilities affecting mit/krb5.
Total CVEs
124
CISA KEV
0
Public exploits
4
Exploited in wild
2
Severity breakdown
CRITICAL30HIGH32MEDIUM53LOW9
Vulnerabilities
Page 6 of 7
CVE-2024-26458P4MEDIUMCVSS 5.3≥ 0, < 1.17-6ubuntu4.9≥ 0, < 1.19.2-2ubuntu0.6+1 more2025-03-03
CVE-2024-26458 [MEDIUM] krb5 vulnerabilities
krb5 vulnerabilities
It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory,leading to a denial of service. (CVE-2024-26458,
CVE-2024-26461)
It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory,leading to a denial of service. This issu
osv
CVE-2004-0644P4MEDIUMCVSS 5.0≥ 0, < 1.3.4-32004-09-28
CVE-2004-0644 [MEDIUM] CVE-2004-0644: The asn1buf_skiptail function in the ASN
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
osv
CVE-2010-1324P4LOWCVSS 3.7≥ 0, < 1.8.3+dfsg-32010-12-02
CVE-2010-1324 [LOW] CVE-2010-1324: MIT Kerberos 5 (aka krb5) 1
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
osv
CVE-2015-2697P4MEDIUMCVSS 4.0≥ 0, < 1.13.2+dfsg-32015-11-09
CVE-2015-2697 [MEDIUM] CVE-2015-2697: The build_principal_va function in lib/krb5/krb/bld_princ
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
osv
CVE-2014-5353P4LOWCVSS 3.5≥ 0, < 1.12.1+dfsg-162014-12-16
CVE-2014-5353 [LOW] CVE-2014-5353: The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
osv
CVE-2012-1013P4MEDIUMCVSS 4.0≥ 0, < 1.10.1+dfsg-32012-06-07
CVE-2012-1013 [MEDIUM] CVE-2012-1013: The check_1_6_dummy function in lib/kadm5/srv/svr_principal
The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that lacks a password.
osv
CVE-2010-1323P4LOWCVSS 3.7≥ 0, < 1.8.3+dfsg-32010-12-02
CVE-2010-1323 [LOW] CVE-2010-1323: MIT Kerberos 5 (aka krb5) 1
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.
osv
CVE-2005-1174P4MEDIUMCVSS 5.0≥ 0, < 1.3.6-42005-07-18
CVE-2005-1174 [MEDIUM] CVE-2005-1174: MIT Kerberos 5 (krb5) 1
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
osv
CVE-2004-0643P4MEDIUMCVSS 4.6≥ 0, < 1.3.4-32004-09-28
CVE-2004-0643 [MEDIUM] CVE-2004-0643: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
osv
CVE-2013-1416P4MEDIUMCVSS 4.0≥ 0, < 1.10.1+dfsg-52013-04-19
CVE-2013-1416 [MEDIUM] CVE-2013-1416: The prep_reprocess_req function in do_tgs_req
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
osv
CVE-2018-5730P4LOWCVSS 3.8≥ 0, < 1.16.1-12018-03-06
CVE-2018-5730 [LOW] CVE-2018-5730: MIT krb5 1
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
osv
CVE-2003-0058P4MEDIUMCVSS 5.0≥ 0, < 1.2.5-12003-02-19
CVE-2003-0058 [MEDIUM] CVE-2003-0058: MIT Kerberos V5 Key Distribution Center (KDC) before 1
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
osv
CVE-2003-0082P4MEDIUMCVSS 5.0≥ 0, < 1.3.3-22003-04-02
CVE-2003-0082 [MEDIUM] CVE-2003-0082: The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").
osv
CVE-2003-0072P4MEDIUMCVSS 5.0≥ 0, < 1.2.7-32003-04-02
CVE-2003-0072 [MEDIUM] CVE-2003-0072: The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").
osv
CVE-2024-26462P4MEDIUMCVSS 5.5≥ 0, < 1.20.1-2+deb12u3≥ 0, < 1.21.3-12024-02-29
CVE-2024-26462 [MEDIUM] CVE-2024-26462: Kerberos 5 (aka krb5) 1
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
osv
CVE-2013-6800P4MEDIUMCVSS 4.3≥ 0, < 1.12+dfsg-2ubuntu42013-11-17
CVE-2013-6800 [MEDIUM] CVE-2013-6800: An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
osv
CVE-2014-5354P4LOWCVSS 3.5≥ 0, < 1.12.1+dfsg-162014-12-16
CVE-2014-5354 [LOW] CVE-2014-5354: plugins/kdb/ldap/libkdb_ldap/ldap_principal2
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.
osv
CVE-2014-5351P4LOWCVSS 2.1≥ 0, < 1.12+dfsg-2ubuntu5.12015-02-10
CVE-2014-5351 [LOW] krb5 vulnerabilities
krb5 vulnerabilities
It was discovered that Kerberos incorrectly sent old keys in response to a
-randkey -keepold request. An authenticated remote attacker could use this
issue to forge tickets by leveraging administrative access. This issue
only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-5351)
It was discovered that the libgssapi_krb5 library incorrectly processed
security context handles. A remote attacker could use th
osv
CVE-2009-0847P4MEDIUMCVSS 4.3≥ 0, < 1.6.dfsg.4~beta1-132009-04-09
CVE-2009-0847 [MEDIUM] CVE-2009-0847: The asn1buf_imbed function in the ASN
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
osv
CVE-2007-5901P4MEDIUMCVSS 6.9≥ 0, < 1.6.dfsg.4~beta1-12007-12-06
CVE-2007-5901 [MEDIUM] CVE-2007-5901: Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code.
osv