CVSS: 7.5EPSS: 2%CPEs: 20EXPL: 0CVE-2010-1321 – krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
https://notcve.org/view.php?id=CVE-2010-1321
19 May 2010 — The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. Vulnerabilidad en la función "kg_accept_krb5" en "krb5/accept_sec_context.c" de l... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 14%CPEs: 4EXPL: 2CVE-2010-1320 – MIT Kerberos 5 - 'src/kdc/do_tgs_req.c' Ticket Renewal Double-Free Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1320
22 Apr 2010 — Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation. Una doble vulnerabilidad en do_tgs_req.c en el Centro de distribución de claves (KDC) en MIT Kerberos 5 (también conocido como krb5) versiones v1.7.x y v1.8.x antes de v1.8.2 permite a los usuarios rem... • https://www.exploit-db.com/exploits/33855 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 2%CPEs: 8EXPL: 1CVE-2010-0629 – krb5: kadmind use-after-free remote crash (MITKRB5-SA-2010-003)
https://notcve.org/view.php?id=CVE-2010-0629
07 Apr 2010 — Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. Vulnerabilidad de uso después de la liberación kadmin/server/server_stubs.c en kadmind en MIT Kerberos 5 (también conocido como krb5) de la v1.5 a la v1.6.3, permite a usuarios autenticados remotamente provocar una denegación de servicio ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2010-0628
https://notcve.org/view.php?id=CVE-2010-0628
25 Mar 2010 — The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token. La función spnego_gss_accept_sec_context en lib/gssapi/SPNEGO/spnego_mech.c en la funcionalidad GSS-API de SPNEGO en MIT Kerberos 5 (alias krb5) v1.7 antes de v1.7.... • http://secunia.com/advisories/39023 •
CVSS: 7.8EPSS: 4%CPEs: 3EXPL: 0CVE-2010-0283
https://notcve.org/view.php?id=CVE-2010-0283
21 Feb 2010 — The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request. El Key Distribution Center (KDC) en MIT Kerberos 5 (también conocido como krb5) v1.7 anterior a v1.7.2, y 1.8 alpha, permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y caída del demonio) a través de peticiones (1) AS-REQ o (2) TGS-REQ inválid... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 20%CPEs: 21EXPL: 0CVE-2009-4212 – krb: KDC integer overflows in AES and RC4 decryption routines (MITKRB5-SA-2009-004)
https://notcve.org/view.php?id=CVE-2009-4212
13 Jan 2010 — Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. Múltiples vulnerabilidades de desbordamiento de entero en la funcionalidad de desencriptado AES y RC4 en la biblioteca crypto en MIT Kerberos 5 (también conocido comokrb... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2009-3295
https://notcve.org/view.php?id=CVE-2009-3295
29 Dec 2009 — The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request. La función prep_reprocess_req de kdc/do_tgs_req.c en la implementación de "cross-realm referral" (referencia entre dominios cruzados) en el Key Distribution Center (KDC) de MIT Kerberos 5 (krb5) v1.7 anteriores a v1... • http://secunia.com/advisories/37977 •
CVSS: 9.1EPSS: 8%CPEs: 9EXPL: 0CVE-2009-0844 – krb5: buffer over-read in SPNEGO GSS-API mechanism (MITKRB5-SA-2009-001)
https://notcve.org/view.php?id=CVE-2009-0844
09 Apr 2009 — The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read. La función get_input_token en la implementación SPNEGO de MIT Kerberos 5 (también conocido como krb5) v1.5 hasta v1.6.3 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente obtener informaci... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 23%CPEs: 18EXPL: 0CVE-2009-0846 – krb5: ASN.1 decoder can free uninitialized pointer when decoding an invalid encoding (MITKRB5-SA-2009-002)
https://notcve.org/view.php?id=CVE-2009-0846
09 Apr 2009 — The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. La función asn1_decode_generaltime en lib/krb5/asn.1/asn1_decode.c en el decodificador ASN.1 GeneralizedTime en MIT Kerberos 5 (también conocido como Krb5) anteriore... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-416: Use After Free CWE-824: Access of Uninitialized Pointer •
CVSS: 7.5EPSS: 29%CPEs: 8EXPL: 1CVE-2009-0845 – krb5: NULL pointer dereference in GSSAPI SPNEGO (MITKRB5-SA-2009-001)
https://notcve.org/view.php?id=CVE-2009-0845
27 Mar 2009 — The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token. La función spnego_gss_accept_sec_context en lib/gssapi/spnego/spnego_mech.c en MIT Kerberos 5 (conocido como krb5) v.1.6.3, cuando se utiliza SPNEGO, permite a atacantes remotos provocar una ... • http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=6402 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •