Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2009-4212

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Jan, 2010 | 19:00
Updated At-07 Aug, 2024 | 06:54
Rejected At-
Credits

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Jan, 2010 | 19:00
Updated At:07 Aug, 2024 | 06:54
Rejected At:
â–¼CVE Numbering Authority (CNA)

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/38140
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/0096
vdb-entry
x_refsource_VUPEN
http://support.avaya.com/css/P8/documents/100074869
x_refsource_CONFIRM
http://secunia.com/advisories/38126
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2010/dsa-1969
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2010/1481
vdb-entry
x_refsource_VUPEN
http://ubuntu.com/usn/usn-881-1
vendor-advisory
x_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=130497213107107&w=2
vendor-advisory
x_refsource_HP
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
vendor-advisory
x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
vendor-advisory
x_refsource_MANDRIVA
http://www.securitytracker.com/id?1023440
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/38080
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
vendor-advisory
x_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
vendor-advisory
x_refsource_SUNALERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/38203
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=545015
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
vendor-advisory
x_refsource_FEDORA
http://support.apple.com/kb/HT4188
x_refsource_CONFIRM
http://secunia.com/advisories/40220
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/38108
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/37749
vdb-entry
x_refsource_BID
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
vdb-entry
signature
x_refsource_OVAL
https://rhn.redhat.com/errata/RHSA-2010-0029.html
vendor-advisory
x_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2010-0095.html
vendor-advisory
x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/38696
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/0129
vdb-entry
x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130497213107107&w=2
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/38184
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/38140
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2010/0096
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://support.avaya.com/css/P8/documents/100074869
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/38126
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2010/dsa-1969
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2010/1481
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://ubuntu.com/usn/usn-881-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://marc.info/?l=bugtraq&m=130497213107107&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securitytracker.com/id?1023440
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/38080
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/38203
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=545015
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://support.apple.com/kb/HT4188
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/40220
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/38108
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/37749
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0029.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0095.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/38696
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2010/0129
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://marc.info/?l=bugtraq&m=130497213107107&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/38184
Resource:
third-party-advisory
x_refsource_SECUNIA
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/38140
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2010/0096
vdb-entry
x_refsource_VUPEN
x_transferred
http://support.avaya.com/css/P8/documents/100074869
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/38126
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2010/dsa-1969
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2010/1481
vdb-entry
x_refsource_VUPEN
x_transferred
http://ubuntu.com/usn/usn-881-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://marc.info/?l=bugtraq&m=130497213107107&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securitytracker.com/id?1023440
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/38080
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/38203
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=545015
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://support.apple.com/kb/HT4188
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/40220
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/38108
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/37749
vdb-entry
x_refsource_BID
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
vdb-entry
signature
x_refsource_OVAL
x_transferred
https://rhn.redhat.com/errata/RHSA-2010-0029.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://rhn.redhat.com/errata/RHSA-2010-0095.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/38696
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2010/0129
vdb-entry
x_refsource_VUPEN
x_transferred
http://marc.info/?l=bugtraq&m=130497213107107&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/38184
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/38140
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/0096
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100074869
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/38126
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2010/dsa-1969
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1481
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://ubuntu.com/usn/usn-881-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130497213107107&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1023440
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/38080
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/38203
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=545015
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://support.apple.com/kb/HT4188
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/40220
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/38108
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/37749
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0029.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0095.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/38696
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/0129
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130497213107107&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/38184
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Jan, 2010 | 19:30
Updated At:23 Apr, 2026 | 00:35

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
MIT (Massachusetts Institute of Technology)
mit
>>kerberos>>5-1.6.3
cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3
cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3.1
cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3.2
cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3.3
cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3.4
cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3.5
cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.3.6
cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.4
cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.4.1
cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.4.2
cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.4.3
cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.4.4
cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.5
cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.5.1
cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.5.2
cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.5.3
cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.6
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.6.1
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.6.2
cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.7
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Per: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt "Only releases krb5-1.3 and later are vulnerable, as earlier releases did not contain the functionality implemented by the vulnerable code. This is an implementation vulnerability in MIT krb5, and is not a vulnerability in the Kerberos protocol."

Evaluator Solution

Per: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt FIXES ===== * The upcoming krb5-1.7.1 and krb5-1.6.4 releases will contain a fix for this vulnerability. * For the krb5-1.7 release, apply the patch available at: http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt A PGP-signed patch is available at http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt.asc * For the krb5-1.6 releases, apply the patch available at: http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt A PGP-signed patch is available at http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt.asc * The krb5-1.6.3 patch might apply successfully to older releases.

Vendor Statements
References
HyperlinkSourceResource
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.htmlcve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=130497213107107&w=2cve@mitre.org
N/A
http://secunia.com/advisories/38080cve@mitre.org
N/A
http://secunia.com/advisories/38108cve@mitre.org
N/A
http://secunia.com/advisories/38126cve@mitre.org
N/A
http://secunia.com/advisories/38140cve@mitre.org
N/A
http://secunia.com/advisories/38184cve@mitre.org
N/A
http://secunia.com/advisories/38203cve@mitre.org
N/A
http://secunia.com/advisories/38696cve@mitre.org
N/A
http://secunia.com/advisories/40220cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1cve@mitre.org
N/A
http://support.apple.com/kb/HT4188cve@mitre.org
N/A
http://support.avaya.com/css/P8/documents/100074869cve@mitre.org
N/A
http://ubuntu.com/usn/usn-881-1cve@mitre.org
N/A
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txtcve@mitre.org
Patch
Vendor Advisory
http://www.debian.org/security/2010/dsa-1969cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006cve@mitre.org
N/A
http://www.securityfocus.com/bid/37749cve@mitre.org
N/A
http://www.securitytracker.com/id?1023440cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2010/0096cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2010/0129cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2010/1481cve@mitre.org
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=545015cve@mitre.org
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192cve@mitre.org
N/A
https://rhn.redhat.com/errata/RHSA-2010-0029.htmlcve@mitre.org
N/A
https://rhn.redhat.com/errata/RHSA-2010-0095.htmlcve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=130497213107107&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38080af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38108af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38126af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38140af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38184af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38203af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/38696af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/40220af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4188af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/css/P8/documents/100074869af854a3a-2127-422b-91ae-364da2661108
N/A
http://ubuntu.com/usn/usn-881-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txtaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.debian.org/security/2010/dsa-1969af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/37749af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1023440af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/0096af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/0129af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/1481af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=545015af854a3a-2127-422b-91ae-364da2661108
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192af854a3a-2127-422b-91ae-364da2661108
N/A
https://rhn.redhat.com/errata/RHSA-2010-0029.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://rhn.redhat.com/errata/RHSA-2010-0095.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130497213107107&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38080
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38108
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38126
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38140
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38184
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38203
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/38696
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/40220
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4188
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100074869
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://ubuntu.com/usn/usn-881-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2010/dsa-1969
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/37749
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1023440
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/0096
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/0129
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/1481
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=545015
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0029.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0095.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130497213107107&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38080
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38108
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38126
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38140
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38184
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38203
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/38696
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/40220
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4188
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100074869
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://ubuntu.com/usn/usn-881-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2010/dsa-1969
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/37749
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1023440
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/0096
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/0129
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/1481
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=545015
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0029.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0095.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

18Records found
CVE-2000-0390
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.06% / 89.37%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2009-0846
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.90% / 94.57%
||
7 Day CHG~0.00%
Published-09 Apr, 2009 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.MIT (Massachusetts Institute of Technology)Red Hat, Inc.Fedora Project
Product-enterprise_linux_eusubuntu_linuxmac_os_xkerberos_5enterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktopfedoraenterprise_linuxn/a
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2008-0947
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.83% / 94.53%
||
7 Day CHG~0.00%
Published-19 Mar, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5902
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.91% / 92.31%
||
7 Day CHG~0.00%
Published-06 Dec, 2007 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2007-4743
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-4.61% / 90.50%
||
7 Day CHG~0.00%
Published-06 Sep, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2442
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.38% / 95.44%
||
7 Day CHG~0.00%
Published-26 Jun, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxubuntu_linuxkerberos_5n/a
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2007-0956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-29.84% / 97.97%
||
7 Day CHG~0.00%
Published-06 Apr, 2007 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxubuntu_linuxkerberos_5n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2000-0389
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.50% / 96.59%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2004-0523
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.67% / 95.51%
||
7 Day CHG~0.00%
Published-03 Jun, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

Action-Not Available
Vendor-tinysofan/aSun Microsystems (Oracle Corporation)Silicon Graphics, Inc.MIT (Massachusetts Institute of Technology)
Product-sunossolarisseampropackkerberoskerberos_5tinysofa_enterprise_servern/a
CVE-2003-0041
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.54% / 87.79%
||
7 Day CHG~0.00%
Published-01 Feb, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

Action-Not Available
Vendor-n/aRed Hat, Inc.Mandriva (Mandrakesoft)MIT (Massachusetts Institute of Technology)
Product-mandrake_linuxmandrake_multi_network_firewalllinuxkerberos_ftp_clientn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2002-1235
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.10% / 96.31%
||
7 Day CHG~0.00%
Published-25 Oct, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

Action-Not Available
Vendor-kthn/aDebian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-debian_linuxkerberos_5kth_kerberos_4kth_kerberos_5n/a
CVE-2001-0247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-19.32% / 97.00%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Action-Not Available
Vendor-n/aOpenBSDNetBSDSilicon Graphics, Inc.MIT (Massachusetts Institute of Technology)FreeBSD Foundation
Product-irixfreebsdnetbsdkerberos_5openbsdn/a
CVE-2000-0391
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.06% / 89.37%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2000-0514
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.52% / 82.81%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2011-0285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-17.95% / 96.81%
||
7 Day CHG~0.00%
Published-15 Apr, 2011 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2001-0554
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-37.90% / 98.36%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Action-Not Available
Vendor-netkitn/aOpenBSDDebian GNU/LinuxIBM CorporationSilicon Graphics, Inc.NetBSDMIT (Massachusetts Institute of Technology)FreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-debian_linuxsunosirixsolarisnetbsdfreebsdkerberosaixkerberos_5linux_netkitopenbsdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-4862
Matching Score-8
Assigner-FreeBSD
ShareView Details
Matching Score-8
Assigner-FreeBSD
CVSS Score-10||HIGH
EPSS-95.10% / 99.85%
||
7 Day CHG~0.00%
Published-25 Dec, 2011 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

Action-Not Available
Vendor-heimdal_projectn/aFreeBSD FoundationopenSUSEGNUMIT (Massachusetts Institute of Technology)SUSEDebian GNU/LinuxFedora Project
Product-debian_linuxlinux_enterprise_desktopfreebsdinetutilslinux_enterprise_serverfedorakrb5-appllinux_enterprise_software_development_kitheimdalopensusen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2007-3999
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-10.91% / 95.31%
||
7 Day CHG~0.00%
Published-05 Sep, 2007 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Details not found