Filtered by vendor Mit
Total: 152 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0644 | 1 Mit | 1 Kerberos 5 | 2024-02-04 | 5.0 MEDIUM | N/A |
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. | |||||
CVE-2002-1652 | 1 Mit | 1 Cgiemail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter. | |||||
CVE-2000-0391 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges. | |||||
CVE-2002-1235 | 3 Debian, Kth, Mit | 4 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The kadm_ser_in function in (1) the Kerberos v4 compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | |||||
CVE-2000-0390 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges. | |||||
CVE-2000-0546 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. | |||||
CVE-2010-0629 | 1 Mit | 2 Kerberos, Kerberos 5 | 2024-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | |||||
CVE-2004-0642 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2024-02-02 | 7.5 HIGH | N/A |
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | |||||
CVE-2004-0772 | 1 Mit | 2 Kerberos, Kerberos 5 | 2024-02-02 | 7.5 HIGH | 9.8 CRITICAL |
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. | |||||
CVE-2005-1689 | 1 Mit | 1 Kerberos 5 | 2024-02-02 | 7.5 HIGH | 9.8 CRITICAL |
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | |||||
CVE-2003-0041 | 2 Mit, Redhat | 2 Kerberos Ftp Client, Linux | 2024-02-02 | 10.0 HIGH | N/A |
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. |