Page 8 of 42 results (0.007 seconds)

CVSS: 5.0EPSS: 71%CPEs: 9EXPL: 0

CVE-2005-1174

https://notcve.org/view.php?id=CVE-2005-1174

MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. MIT Kerberos 5 (krb5) 1.3 hasta la 1.4.1 Key Distribution Center (KDC) permite que atacantes remotos causen una denegación de servicio (caída de la aplicación) mediante ciertas conexiones válidas de TCP que provocan la liberación de memoria no reservada. • ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=112122123211974&w=2 http://secunia.com/advisories/16041 http://secunia.com/advisories/17899 http://secunia.com/advisories/20364 http://securitytracker.com/id?1014460 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101809- •

CVSS: 7.5EPSS: 87%CPEs: 9EXPL: 0

CVE-2005-1175

https://notcve.org/view.php?id=CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request. Desbordamiento de búfer en MIT Kerberos 5 (krb5) 1.3 hasta la 1.4.1 Key Distribution Center (KDC) permite que atacantes remotos causen una denegación de servicio (caída de la aplicación) y posiblmente ejecuten código arbitrario mediante cierta petición válida TCP o UDP. • ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=112122123211974&w=2 http://secunia.com/advisories/16041 http://secunia.com/advisories/17135 http://secunia.com/advisories/17899 http://secunia.com/advisories/20364 http://securitytracker.com/id?1014460 http://sunsolve.sun.com/s •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0

CVE-2005-0488

https://notcve.org/view.php?id=CVE-2005-0488

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. • http://idefense.com/application/poi/display?id=260&type=vulnerabilities http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/17135 http://secunia.com/advisories/21253 http://securitytracker.com/id?1014203 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve.sun.com/search/document.do? •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2004-1189

https://notcve.org/view.php?id=CVE-2004-1189

The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000917 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=110358420909358&w=2 http://marc.info/?l=bugtraq&m=110548298407590&w=2 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:156 http://www.redhat.com/support • CWE-787: Out-of-bounds Write •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2004-0971

https://notcve.org/view.php?id=CVE-2004-0971

The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304 http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml http://www.redhat.com/support/errata/RHSA-2005-012.html http://www.securityfocus.com/bid/11289 http://www.trustix.org/errata/2004/0050 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg& •