Search Results (148 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2026-04-16 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2001-0417 1 Mit 2 Kerberos, Kerberos 5 2026-04-16 N/A
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.
CVE-1999-0713 4 Cde, Digital, Mit and 1 more 4 Cde, Unix, Kerberos 5 and 1 more 2026-04-16 N/A
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
CVE-2000-0514 1 Mit 1 Kerberos 5 2026-04-16 N/A
GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.
CVE-2000-0549 2 Cygnus, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
CVE-2004-0523 5 Mit, Redhat, Sgi and 2 more 8 Kerberos, Kerberos 5, Enterprise Linux and 5 more 2026-04-16 N/A
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
CVE-2004-0643 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more 2026-04-16 N/A
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
CVE-2003-0072 2 Mit, Redhat 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more 2026-04-16 N/A
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").
CVE-2002-0036 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
CVE-2003-0058 3 Mit, Redhat, Sun 6 Kerberos 5, Enterprise Linux, Linux and 3 more 2026-04-16 N/A
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
CVE-2003-0059 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
CVE-2004-0772 4 Debian, Mit, Openpkg and 1 more 4 Debian Linux, Kerberos 5, Openpkg and 1 more 2026-04-16 9.8 Critical
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
CVE-2005-0488 4 Microsoft, Mit, Redhat and 1 more 4 Telnet Client, Kerberos 5, Enterprise Linux and 1 more 2026-04-16 N/A
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
CVE-2025-24528 2 Mit, Redhat 5 Kerberos 5, Discovery, Enterprise Linux and 2 more 2026-04-15 7.1 High
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
CVE-2023-39975 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-02-25 8.8 High
kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.
CVE-2020-28196 5 Fedoraproject, Mit, Netapp and 2 more 13 Fedora, Kerberos 5, Active Iq Unified Manager and 10 more 2025-12-03 7.5 High
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
CVE-2024-26458 3 Mit, Netapp, Redhat 13 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 10 more 2025-05-23 5.3 Medium
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
CVE-2024-26461 3 Mit, Netapp, Redhat 13 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 10 more 2025-05-23 7.5 High
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
CVE-2018-5729 4 Debian, Fedoraproject, Mit and 1 more 7 Debian Linux, Fedora, Kerberos 5 and 4 more 2025-05-05 4.7 Medium
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
CVE-2018-5730 4 Debian, Fedoraproject, Mit and 1 more 7 Debian Linux, Fedora, Kerberos 5 and 4 more 2025-05-05 3.8 Low
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.