Search Results (160 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0059 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
CVE-2004-0772 4 Debian, Mit, Openpkg and 1 more 4 Debian Linux, Kerberos 5, Openpkg and 1 more 2026-04-16 9.8 Critical
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
CVE-2001-0554 10 Debian, Freebsd, Ibm and 7 more 12 Debian Linux, Freebsd, Aix and 9 more 2026-04-16 N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2000-0546 3 Cygnus Network Security Project, Kerbnet Project, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.
CVE-2000-0547 3 Cygnus Network Security Project, Kerbnet Project, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.
CVE-2000-0514 1 Mit 1 Kerberos 5 2026-04-16 N/A
GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.
CVE-2000-0548 3 Cygnus Network Security Project, Kerbnet Project, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
CVE-1999-0143 3 Mit, Process Software, Sun 4 Kerberos, Kerberos 5, Multinet and 1 more 2026-04-16 N/A
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
CVE-2005-1689 4 Apple, Debian, Mit and 1 more 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more 2026-04-16 9.8 Critical
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2000-0392 3 Cygnus, Mit, Redhat 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more 2026-04-16 N/A
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
CVE-2005-1175 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
CVE-2000-0549 2 Cygnus, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
CVE-2003-0028 11 Cray, Freebsd, Gnu and 8 more 15 Unicos, Freebsd, Glibc and 12 more 2026-04-16 N/A
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2026-04-16 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2005-1174 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
CVE-1999-1321 1 Mit 1 Kerberos 2026-04-16 N/A
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
CVE-2000-0550 2 Cygnus, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
CVE-2004-1189 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.
CVE-1999-0713 4 Cde, Digital, Mit and 1 more 4 Cde, Unix, Kerberos 5 and 1 more 2026-04-16 N/A
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
CVE-2003-0082 2 Mit, Redhat 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more 2026-04-16 N/A
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").