Product:

Kerberos_5

(Mit)
Repositories https://github.com/krb5/krb5
#Vulnerabilities 132
Date Id Summary Products Score Patch Annotated
2017-09-13 CVE-2017-11462 Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error. Fedora, Kerberos_5 9.8
2018-03-06 CVE-2018-5729 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. Debian_linux, Fedora, Kerberos_5, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 4.7
2018-03-06 CVE-2018-5730 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. Debian_linux, Fedora, Kerberos_5, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 3.8
2020-11-06 CVE-2020-28196 MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. Fedora, Kerberos_5, Active_iq_unified_manager, Cloud_backup, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Communications_cloud_native_core_policy, Communications_offline_mediation_controller, Communications_pricing_design_center, Mysql_server 7.5
2021-08-23 CVE-2021-37750 The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. Debian_linux, Fedora, Kerberos_5, Communications_cloud_native_core_network_slice_selection_function, Starwind_virtual_san 6.5
2022-12-25 CVE-2022-42898 PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug." Heimdal, Kerberos_5, Samba 8.8
2022-08-30 CVE-2022-39028 telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT... Debian_linux, Inetutils, Kerberos_5, Netkit\-Telnet 7.5
2018-07-26 CVE-2017-7562 An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances. Kerberos_5, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 6.5
2019-09-26 CVE-2019-14844 A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. Fedora, Kerberos_5 7.5
1996-02-21 CVE-1999-0143 Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. Kerberos, Kerberos_5, Multinet, Sunos N/A