Filtered by vendor Mit
Subscribe
Total
154 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0523 | 4 Mit, Sgi, Sun and 1 more | 7 Kerberos, Kerberos 5, Propack and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | |||||
CVE-2003-0058 | 2 Mit, Sun | 4 Kerberos 5, Enterprise Authentication Mechanism, Solaris and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | |||||
CVE-2001-0554 | 9 Debian, Freebsd, Ibm and 6 more | 11 Debian Linux, Freebsd, Aix and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | |||||
CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | |||||
CVE-2002-0036 | 1 Mit | 1 Kerberos 5 | 2024-02-28 | 5.0 MEDIUM | N/A |
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | |||||
CVE-2004-0772 | 3 Debian, Mit, Openpkg | 3 Debian Linux, Kerberos 5, Openpkg | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. | |||||
CVE-2000-0546 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. | |||||
CVE-2000-0547 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function. | |||||
CVE-2000-0548 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function. | |||||
CVE-2002-1235 | 3 Debian, Kth, Mit | 4 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2004-1189 | 1 Mit | 1 Kerberos 5 | 2024-02-28 | 7.2 HIGH | N/A |
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow. | |||||
CVE-2003-0028 | 10 Cray, Freebsd, Gnu and 7 more | 13 Unicos, Freebsd, Glibc and 10 more | 2024-02-28 | 7.5 HIGH | N/A |
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | |||||
CVE-1999-1296 | 1 Mit | 1 Kerberos 5 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable. | |||||
CVE-2001-0417 | 1 Mit | 2 Kerberos, Kerberos 5 | 2024-02-28 | 2.1 LOW | N/A |
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. |