CVE-2008-0063 – krb5: possible leak of sensitive data from krb5kdc using krb4 request
https://notcve.org/view.php?id=CVE-2008-0063
19 Mar 2008 — The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." • http://docs.info.apple.com/article.html?artnum=307562 • CWE-908: Use of Uninitialized Resource
CVE-2008-0062 – krb5: uninitialized pointer use in krb5kdc
https://notcve.org/view.php?id=CVE-2008-0062
19 Mar 2008 — KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free. • http://docs.info.apple.com/article.html?artnum=307562 • CWE-665: Improper Initialization
CVE-2008-0947 – krb5: file descriptor array overflow in RPC library
https://notcve.org/view.php?id=CVE-2008-0947
19 Mar 2008 — Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5901 – krb5: use-after-free in gssapi lib
https://notcve.org/view.php?id=CVE-2007-5901
06 Dec 2007 — Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. • http://bugs.gentoo.org/show_bug.cgi?id=199214 • CWE-399: Resource Management Errors • CWE-416: Use After Free
CVE-2007-5971 – krb5: double free in gssapi lib
https://notcve.org/view.php?id=CVE-2007-5971
06 Dec 2007 — Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. • http://bugs.gentoo.org/show_bug.cgi?id=199212 • CWE-399: Resource Management Errors
CVE-2007-5972
https://notcve.org/view.php?id=CVE-2007-5972
06 Dec 2007 — Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key. • http://bugs.gentoo.org/show_bug.cgi?id=199211 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4743 – krb5 incomplete fix for CVE-2007-3999
https://notcve.org/view.php?id=CVE-2007-4743
06 Sep 2007 — The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack. • http://article.gmane.org/gmane.comp.encryption.kerberos.announce/86 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4000 – krb5 kadmind uninitialized pointer
https://notcve.org/view.php?id=CVE-2007-4000
05 Sep 2007 — The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer. • http://secunia.com/advisories/26676 • CWE-824: Access of Uninitialized Pointer
CVE-2007-3999 – Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-3999
05 Sep 2007 — Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message. • http://docs.info.apple.com/article.html?artnum=307041 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2798 – krb5 kadmind buffer overflow
https://notcve.org/view.php?id=CVE-2007-2798
26 Jun 2007 — Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal. • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc • CWE-787: Out-of-bounds Write