Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-5902

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Dec, 2007 | 02:00
Updated At-07 Aug, 2024 | 15:47
Rejected At-
Credits

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Dec, 2007 | 02:00
Updated At:07 Aug, 2024 | 15:47
Rejected At:
▼CVE Numbering Authority (CNA)

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/39784
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-940-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/29457
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/26750
vdb-entry
x_refsource_BID
http://wiki.rpath.com/Advisories:rPSA-2008-0112
x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2007/Dec/0321.html
mailing-list
x_refsource_FULLDISC
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/1192
vdb-entry
x_refsource_VUPEN
http://bugs.gentoo.org/show_bug.cgi?id=199214
x_refsource_MISC
http://www.securityfocus.com/archive/1/489883/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://seclists.org/fulldisclosure/2007/Dec/0176.html
mailing-list
x_refsource_FULLDISC
http://secunia.com/advisories/39290
third-party-advisory
x_refsource_SECUNIA
http://ubuntu.com/usn/usn-924-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/28636
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-2012
x_refsource_CONFIRM
http://osvdb.org/44748
vdb-entry
x_refsource_OSVDB
Hyperlink: http://secunia.com/advisories/39784
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/USN-940-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/29457
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/26750
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://wiki.rpath.com/Advisories:rPSA-2008-0112
Resource:
x_refsource_CONFIRM
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0321.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2010/1192
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=199214
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/489883/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0176.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://secunia.com/advisories/39290
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://ubuntu.com/usn/usn-924-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/28636
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-2012
Resource:
x_refsource_CONFIRM
Hyperlink: http://osvdb.org/44748
Resource:
vdb-entry
x_refsource_OSVDB
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/39784
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/USN-940-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/29457
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/26750
vdb-entry
x_refsource_BID
x_transferred
http://wiki.rpath.com/Advisories:rPSA-2008-0112
x_refsource_CONFIRM
x_transferred
http://seclists.org/fulldisclosure/2007/Dec/0321.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2010/1192
vdb-entry
x_refsource_VUPEN
x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=199214
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/489883/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://seclists.org/fulldisclosure/2007/Dec/0176.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://secunia.com/advisories/39290
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://ubuntu.com/usn/usn-924-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/28636
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-2012
x_refsource_CONFIRM
x_transferred
http://osvdb.org/44748
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://secunia.com/advisories/39784
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-940-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/29457
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/26750
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://wiki.rpath.com/Advisories:rPSA-2008-0112
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0321.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1192
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=199214
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/489883/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0176.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://secunia.com/advisories/39290
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://ubuntu.com/usn/usn-924-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/28636
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-2012
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://osvdb.org/44748
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Dec, 2007 | 02:46
Updated At:23 Apr, 2026 | 00:35

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>-
cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-12-14T00:00:00

This issue is not a practical vulnerability, for more information see http://marc.info/?m=119743235325151

References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=199214cve@mitre.org
Exploit
http://osvdb.org/44748cve@mitre.org
N/A
http://seclists.org/fulldisclosure/2007/Dec/0176.htmlcve@mitre.org
N/A
http://seclists.org/fulldisclosure/2007/Dec/0321.htmlcve@mitre.org
N/A
http://secunia.com/advisories/28636cve@mitre.org
N/A
http://secunia.com/advisories/29457cve@mitre.org
N/A
http://secunia.com/advisories/39290cve@mitre.org
N/A
http://secunia.com/advisories/39784cve@mitre.org
N/A
http://ubuntu.com/usn/usn-924-1cve@mitre.org
N/A
http://wiki.rpath.com/Advisories:rPSA-2008-0112cve@mitre.org
N/A
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/suse_security_summary_report.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/489883/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/26750cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-940-1cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2010/1192cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-2012cve@mitre.org
N/A
http://bugs.gentoo.org/show_bug.cgi?id=199214af854a3a-2127-422b-91ae-364da2661108
Exploit
http://osvdb.org/44748af854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/fulldisclosure/2007/Dec/0176.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/fulldisclosure/2007/Dec/0321.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/28636af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/29457af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/39290af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/39784af854a3a-2127-422b-91ae-364da2661108
N/A
http://ubuntu.com/usn/usn-924-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://wiki.rpath.com/Advisories:rPSA-2008-0112af854a3a-2127-422b-91ae-364da2661108
N/A
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/suse_security_summary_report.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/489883/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/26750af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-940-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/1192af854a3a-2127-422b-91ae-364da2661108
N/A
https://issues.rpath.com/browse/RPL-2012af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=199214
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://osvdb.org/44748
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0176.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0321.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28636
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/29457
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/39290
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/39784
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://ubuntu.com/usn/usn-924-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://wiki.rpath.com/Advisories:rPSA-2008-0112
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/489883/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/26750
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-940-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/1192
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-2012
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=199214
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://osvdb.org/44748
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0176.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2007/Dec/0321.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/28636
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/29457
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/39290
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/39784
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://ubuntu.com/usn/usn-924-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://wiki.rpath.com/Advisories:rPSA-2008-0112
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/489883/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/26750
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-940-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/1192
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-2012
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

18Records found
CVE-2000-0390
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.06% / 89.37%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2009-4212
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-7.41% / 93.66%
||
7 Day CHG~0.00%
Published-13 Jan, 2010 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerberos_5n/a
CVE-2009-0846
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.90% / 94.57%
||
7 Day CHG~0.00%
Published-09 Apr, 2009 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.MIT (Massachusetts Institute of Technology)Red Hat, Inc.Fedora Project
Product-enterprise_linux_eusubuntu_linuxmac_os_xkerberos_5enterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktopfedoraenterprise_linuxn/a
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2008-0947
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.83% / 94.53%
||
7 Day CHG~0.00%
Published-19 Mar, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4743
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-4.61% / 90.50%
||
7 Day CHG~0.00%
Published-06 Sep, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2442
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.38% / 95.44%
||
7 Day CHG~0.00%
Published-26 Jun, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxubuntu_linuxkerberos_5n/a
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2007-0956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-29.84% / 97.97%
||
7 Day CHG~0.00%
Published-06 Apr, 2007 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxubuntu_linuxkerberos_5n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2000-0389
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.50% / 96.59%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2004-0523
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.67% / 95.51%
||
7 Day CHG~0.00%
Published-03 Jun, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

Action-Not Available
Vendor-tinysofan/aSun Microsystems (Oracle Corporation)Silicon Graphics, Inc.MIT (Massachusetts Institute of Technology)
Product-sunossolarisseampropackkerberoskerberos_5tinysofa_enterprise_servern/a
CVE-2003-0041
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.54% / 87.79%
||
7 Day CHG~0.00%
Published-01 Feb, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

Action-Not Available
Vendor-n/aRed Hat, Inc.Mandriva (Mandrakesoft)MIT (Massachusetts Institute of Technology)
Product-mandrake_linuxmandrake_multi_network_firewalllinuxkerberos_ftp_clientn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2002-1235
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.10% / 96.31%
||
7 Day CHG~0.00%
Published-25 Oct, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

Action-Not Available
Vendor-kthn/aDebian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxkerberos_5kth_kerberos_4kth_kerberos_5n/a
CVE-2001-0247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-19.32% / 97.00%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Action-Not Available
Vendor-n/aOpenBSDNetBSDSilicon Graphics, Inc.MIT (Massachusetts Institute of Technology)FreeBSD Foundation
Product-irixfreebsdnetbsdkerberos_5openbsdn/a
CVE-2000-0391
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.06% / 89.37%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2000-0514
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.52% / 82.81%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2011-0285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-17.95% / 96.81%
||
7 Day CHG~0.00%
Published-15 Apr, 2011 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2001-0554
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-37.90% / 98.36%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Action-Not Available
Vendor-netkitn/aOpenBSDDebian GNU/LinuxIBM CorporationSilicon Graphics, Inc.NetBSDMIT (Massachusetts Institute of Technology)FreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-debian_linuxsunosirixsolarisnetbsdfreebsdkerberosaixkerberos_5linux_netkitopenbsdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-4862
Matching Score-8
Assigner-FreeBSD
ShareView Details
Matching Score-8
Assigner-FreeBSD
CVSS Score-10||HIGH
EPSS-95.10% / 99.85%
||
7 Day CHG~0.00%
Published-25 Dec, 2011 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

Action-Not Available
Vendor-heimdal_projectn/aFreeBSD FoundationopenSUSEGNUMIT (Massachusetts Institute of Technology)SUSEDebian GNU/LinuxFedora Project
Product-debian_linuxlinux_enterprise_desktopfreebsdinetutilslinux_enterprise_serverfedorakrb5-appllinux_enterprise_software_development_kitheimdalopensusen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2007-3999
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-10.91% / 95.31%
||
7 Day CHG~0.00%
Published-05 Sep, 2007 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Details not found