CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-20217 – Ubuntu Security Notice USN-5828-1
https://notcve.org/view.php?id=CVE-2018-20217
26 Dec 2018 — A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request. Se ha descubierto un problema de aserción alcanzable en el KDC en MIT Kerberos 5 (también conocido como krb5), en versiones anteriores a la 1.17. Si un atacante puede obtener un ticket krbtgt mediante un tipo de cifrado más antiguo (DES, Triple DE... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5709
https://notcve.org/view.php?id=CVE-2018-5709
16 Jan 2018 — An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. Se ha descubierto un problema en MIT Kerberos 5 (también conocido como krb5) hasta la versión 1.16. Hay una va... • https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5710
https://notcve.org/view.php?id=CVE-2018-5710
16 Jan 2018 — An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. Se ha descubierto un problema en MIT Kerberos 5 (también conocido como krb5) hasta la versión 1.16. La función predefinida "strlen" tiene una cadena ... • https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service%28DoS%29 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 5%CPEs: 1EXPL: 0CVE-2003-0138
https://notcve.org/view.php?id=CVE-2003-0138
21 Mar 2003 — Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack. La versión 4 del protocolo Kerberos (kbr4) permite a un atacante impersonar a cualquier principal en un dominio (realm) mediante un ataque de texto plano elegido. • http://marc.info/?l=bugtraq&m=104791775804776&w=2 •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2003-0139
https://notcve.org/view.php?id=CVE-2003-0139
21 Mar 2003 — Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing." Ciertas debilidades en la implementación de la versión 4 del protocolo Kerberos (krb4) en la distribución krb5, cuando se usan claves triple-DES para serviciso clave krb4, permite a un atacante crear tiques para principales no ... • http://marc.info/?l=bugtraq&m=104791775804776&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2001-0417
https://notcve.org/view.php?id=CVE-2001-0417
24 May 2001 — Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. • http://archives.neohapsis.com/archives/bugtraq/2001-03/0078.html •
CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0CVE-2000-0546
https://notcve.org/view.php?id=CVE-2000-0546
09 Jun 2000 — Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0CVE-2000-0547
https://notcve.org/view.php?id=CVE-2000-0547
09 Jun 2000 — Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 0CVE-2000-0548
https://notcve.org/view.php?id=CVE-2000-0548
09 Jun 2000 — Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1CVE-2000-0549
https://notcve.org/view.php?id=CVE-2000-0549
09 Jun 2000 — Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html •