Mit

Kerberos 5

137 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-36222

  • EPSS 4.66%
  • Published 22.07.2021 18:15:23
  • Last modified 21.11.2024 06:13:20

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return valu...

7.5

CVE-2020-28196

  • EPSS 0.38%
  • Published 06.11.2020 08:15:13
  • Last modified 21.11.2024 05:22:27

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.

7.5

CVE-2019-14844

  • EPSS 11.7%
  • Published 26.09.2019 12:15:11
  • Last modified 21.11.2024 04:27:29

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

6.5

CVE-2017-7562

  • EPSS 0.26%
  • Published 26.07.2018 15:29:00
  • Last modified 21.11.2024 03:32:10

An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary prin...

6.5

CVE-2018-5729

  • EPSS 0.44%
  • Published 06.03.2018 20:29:00
  • Last modified 05.05.2025 14:14:33

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to th...

5.5

CVE-2018-5730

  • EPSS 1.11%
  • Published 06.03.2018 20:29:00
  • Last modified 05.05.2025 14:12:56

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string w...

9.8

CVE-2017-15088

  • EPSS 3.99%
  • Published 23.11.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and applicatio...

9.8

CVE-2017-11462

  • EPSS 1.06%
  • Published 13.09.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.

6.5

CVE-2017-11368

  • EPSS 0.31%
  • Published 09.08.2017 18:29:01
  • Last modified 20.04.2025 01:37:25

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

6.5

CVE-2016-3120

  • EPSS 1.89%
  • Published 01.08.2016 02:59:12
  • Last modified 12.04.2025 10:46:40

The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows r...