CVSS: 6.5EPSS: 6%CPEs: 30EXPL: 0CVE-2015-8631 – krb5: Memory leak caused by supplying a null principal name in request
https://notcve.org/view.php?id=CVE-2015-8631
05 Feb 2016 — Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. Múltiples pérdidas de memoria en kadmin/server/server_stubs.c en kadmind en MIT Kerberos 5 (también conocido como krb5) en versiones anteriores a 1.13.4 y 1.14.x en versiones anteriores a 1.14.1 permiten a usuarios remotos autenticados causar una d... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 6%CPEs: 21EXPL: 0CVE-2015-2695 – Ubuntu Security Notice USN-2810-1
https://notcve.org/view.php?id=CVE-2015-2695
09 Nov 2015 — lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. lib/gssapi/spnego/spnego_mech.c en MIT Kerberos 5 (también conocido como krb5) en versiones anteriores a 1.14 confía en un manejo de contexto inapropiado, lo que permite a atacantes remotos provocar una denegació... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.5EPSS: 13%CPEs: 14EXPL: 0CVE-2015-2696 – Ubuntu Security Notice USN-2810-1
https://notcve.org/view.php?id=CVE-2015-2696
09 Nov 2015 — lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. lib/gssapi/krb5/iakerb.c en MIT Kerberos 5 (también conocido como krb5) en versiones anteriores a 1.14 confía en un manejo de contexto inapropiado, lo cual permite a atacantes remotos provocar una denegación de servicio... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244 • CWE-18: DEPRECATED: Source Code •
CVSS: 6.5EPSS: 77%CPEs: 15EXPL: 0CVE-2015-2697 – Ubuntu Security Notice USN-2810-1
https://notcve.org/view.php?id=CVE-2015-2697
09 Nov 2015 — The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. La función build_principal_va en lib/krb5/krb/bld_princ.c en MIT Kerberos 5 (también conocido como krb5) en versiones anteriores a 1.14 permite a usuarios remotos autenticados provocar una denegación de servicio (lectura fuera de rango y c... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 94%CPEs: 60EXPL: 0CVE-2014-5355 – krb5: unauthenticated denial of service in recvauth_common() and others
https://notcve.org/view.php?id=CVE-2014-5355
20 Feb 2015 — MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c. MIT Kerberos 5 (también conocido como krb5) hasta 1.13.1 espera incorrectamente que un ... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=8050 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 30EXPL: 0CVE-2014-5353 – krb5: NULL pointer dereference when using a ticket policy name as a password policy name
https://notcve.org/view.php?id=CVE-2014-5353
16 Dec 2014 — The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. La función krb5_ldap_get_password_policy_from_dn en plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c en MIT Kerberos 5 (también conocido como krb5) a... • http://advisories.mageia.org/MGASA-2014-0536.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 21%CPEs: 18EXPL: 0CVE-2014-4344 – krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens
https://notcve.org/view.php?id=CVE-2014-4344
11 Aug 2014 — The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation. La función acc_ctx_cont en el aceptador SPNEGO en lib/gssapi/spnego/spnego_mech.c en MIT Kerberos 5 (también conocido como krb5) 1.5.x hasta 1.12.x anterior a 1.12.2 permite a atacan... • http://advisories.mageia.org/MGASA-2014-0345.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.6EPSS: 2%CPEs: 18EXPL: 0CVE-2014-4343 – krb5: double-free flaw in SPNEGO initiators
https://notcve.org/view.php?id=CVE-2014-4343
11 Aug 2014 — Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator. Vulnerabilidad de doble liberación en la función init_ctx_reselect ... • http://advisories.mageia.org/MGASA-2014-0345.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 30EXPL: 0CVE-2014-4345 – krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)
https://notcve.org/view.php?id=CVE-2014-4345
09 Aug 2014 — Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands. Error de superación de límite (off-by-one) en la función krb5_encode_krbsecretkey en plugins/kdb/ldap/libkdb_ldap/ldap_princ... • http://advisories.mageia.org/MGASA-2014-0345.html • CWE-189: Numeric Errors CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 24%CPEs: 35EXPL: 0CVE-2014-4342 – krb5: denial of service flaws when handling RFC 1964 tokens
https://notcve.org/view.php?id=CVE-2014-4342
20 Jul 2014 — MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session. MIT Kerberos 5 (también conocido como krb5) 1.7.x hasta 1.12.x anterior a 1.12.2 permite a atacantes remotos causar una denegación de servicio (sobrelectura de buffer o referencia a puntero nulo y caída de aplicación) mediante la inyección de tokens inválidos en un... • http://advisories.mageia.org/MGASA-2014-0345.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •