Product:

Kerberos

(Mit)
Repositories https://github.com/krb5/krb5
#Vulnerabilities 33
Date Id Summary Products Score Patch Annotated
2017-08-09 CVE-2017-11368 In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. Fedora, Kerberos, Kerberos_5 6.5
2018-01-16 CVE-2018-5709 An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. Kerberos 7.5
2018-01-16 CVE-2018-5710 An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. Kerberos 6.5
2018-12-26 CVE-2018-20217 A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request. Debian_linux, Kerberos 5.3
1996-02-21 CVE-1999-0143 Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. Kerberos, Kerberos_5, Multinet, Sunos N/A
2001-08-14 CVE-2001-0554 Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. Debian_linux, Freebsd, Aix, Kerberos, Kerberos_5, Netbsd, Linux_netkit, Openbsd, Irix, Solaris, Sunos N/A
2000-06-09 CVE-2000-0548 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function. Cygnus_network_security, Kerbnet, Kerberos, Kerberos_5 N/A
2000-06-09 CVE-2000-0547 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function. Cygnus_network_security, Kerbnet, Kerberos, Kerberos_5 N/A
2000-06-09 CVE-2000-0546 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. Cygnus_network_security, Kerbnet, Kerberos, Kerberos_5 N/A
2014-12-16 CVE-2014-5354 plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command. Kerberos, Kerberos_5 N/A