Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

kerberos_5

Source -

ADPNVD

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

135
Related CVEsRelated VendorsRelated AssignersReports
136Vulnerabilities found

CVE-2005-1175
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-45.40% / 97.52%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2005-1689
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-55.20% / 97.97%
||
7 Day CHG~0.00%
Published-17 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.

Action-Not Available
Vendor-n/aDebian GNU/LinuxMIT (Massachusetts Institute of Technology)Apple Inc.
Product-mac_os_x_servermac_os_xdebian_linuxkerberos_5n/a
CWE ID-CWE-415
Double Free
CVE-2005-1174
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-40.92% / 97.29%
||
7 Day CHG~0.00%
Published-16 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2005-0488
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-10.25% / 92.86%
||
7 Day CHG~0.00%
Published-14 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)Microsoft CorporationSun Microsystems (Oracle Corporation)
Product-sunostelnet_clientkerberos_5n/a
CVE-2004-1189
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.13%
||
7 Day CHG~0.00%
Published-31 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2004-0971
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 29.67%
||
7 Day CHG~0.00%
Published-20 Oct, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2004-0643
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 33.62%
||
7 Day CHG~0.00%
Published-10 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-enterprise_linux_serverenterprise_linux_desktopenterprise_linux_workstationdebian_linuxkerberos_5n/a
CWE ID-CWE-415
Double Free
CVE-2004-0772
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-21.77% / 95.53%
||
7 Day CHG~0.00%
Published-10 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.

Action-Not Available
Vendor-openpkgn/aDebian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-openpkgdebian_linuxkerberos_5n/a
CWE ID-CWE-415
Double Free
CVE-2004-0644
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.58% / 92.05%
||
7 Day CHG~0.00%
Published-10 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2004-0642
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-25.80% / 96.04%
||
7 Day CHG~0.00%
Published-10 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-enterprise_linux_serverenterprise_linux_desktopenterprise_linux_workstationdebian_linuxkerberos_5n/a
CWE ID-CWE-415
Double Free
CVE-2002-0036
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-19.01% / 95.09%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2003-0059
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.22% / 86.56%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2003-0058
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-19.34% / 95.15%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)Sun Microsystems (Oracle Corporation)
Product-solarissunosenterprise_authentication_mechanismkerberos_5n/a
CVE-2004-0523
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-13.60% / 93.98%
||
7 Day CHG~0.00%
Published-03 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

Action-Not Available
Vendor-tinysofan/aMIT (Massachusetts Institute of Technology)Silicon Graphics, Inc.Sun Microsystems (Oracle Corporation)
Product-propackseamsolaristinysofa_enterprise_serversunoskerberoskerberos_5n/a
CVE-2003-0072
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.25% / 78.52%
||
7 Day CHG~0.00%
Published-26 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerberos_5n/a
CVE-2003-0082
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.54% / 84.90%
||
7 Day CHG~0.00%
Published-26 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerberos_5n/a
CVE-2003-0028
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-56.05% / 98.01%
||
7 Day CHG~0.00%
Published-21 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Action-Not Available
Vendor-openafscrayn/aMIT (Massachusetts Institute of Technology)IBM CorporationSilicon Graphics, Inc.OpenBSDFreeBSD FoundationGNUSun Microsystems (Oracle Corporation)HP Inc.
Product-glibchp-uxopenbsdaixhp-ux_series_700solarisirixunicoshp-ux_series_800sunosopenafsfreebsdkerberos_5n/a
CVE-2003-0060
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-9.13% / 92.35%
||
7 Day CHG~0.00%
Published-01 Feb, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2002-1235
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-32.92% / 96.74%
||
7 Day CHG~0.00%
Published-25 Oct, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

Action-Not Available
Vendor-kthn/aDebian GNU/LinuxMIT (Massachusetts Institute of Technology)
Product-kth_kerberos_5debian_linuxkerberos_5kth_kerberos_4n/a
CVE-2001-1323
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.12% / 83.43%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2001-0554
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.67% / 94.67%
||
7 Day CHG-10.76%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Action-Not Available
Vendor-netkitn/aNetBSDMIT (Massachusetts Institute of Technology)IBM CorporationSilicon Graphics, Inc.Debian GNU/LinuxOpenBSDFreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-netbsdopenbsdaixsolarisirixsunosdebian_linuxfreebsdkerberoslinux_netkitkerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-1999-1296
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2001-0247
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-35.17% / 96.91%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Action-Not Available
Vendor-n/aNetBSDMIT (Massachusetts Institute of Technology)Silicon Graphics, Inc.OpenBSDFreeBSD Foundation
Product-netbsdopenbsdirixfreebsdkerberos_5n/a
CVE-2001-0417
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 30.42%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerberos_5n/a
CVE-2000-0550
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.07% / 86.21%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.

Action-Not Available
Vendor-cygnusn/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerbnetcygnus_network_securitykerberos_5n/a
CVE-2000-0514
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.14%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CVE-2000-0549
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.33% / 79.16%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.

Action-Not Available
Vendor-cygnusn/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerbnetcygnus_network_securitykerberos_5n/a
CVE-2000-0548
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.42% / 86.99%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.

Action-Not Available
Vendor-kerbnet_projectcygnus_network_security_projectn/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerbnetcygnus_network_securitykerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2000-0389
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.01% / 93.16%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-cygnus_network_securitykerberoslinuxkerbnetkerberos_5n/a
CVE-2000-0547
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.58% / 84.98%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.

Action-Not Available
Vendor-kerbnet_projectcygnus_network_security_projectn/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerbnetcygnus_network_securitykerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2000-0546
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.58% / 84.98%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.

Action-Not Available
Vendor-kerbnet_projectcygnus_network_security_projectn/aMIT (Massachusetts Institute of Technology)
Product-kerberoskerbnetcygnus_network_securitykerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2000-0392
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.79%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-cygnus_network_securitykerberoslinuxkerbnetkerberos_5n/a
CVE-2000-0391
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.48% / 92.01%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-cygnus_network_securitykerberoslinuxkerbnetkerberos_5n/a
CVE-2000-0390
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.48% / 92.01%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-cygnus_network_securitykerberoslinuxkerbnetkerberos_5n/a
CVE-1999-0713
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 10.03%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

Action-Not Available
Vendor-cdedigitaltransarcn/aMIT (Massachusetts Institute of Technology)
Product-cdeafskerberos_5unixn/a
CVE-1999-0143
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 24.75%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.

Action-Not Available
Vendor-process_softwaren/aMIT (Massachusetts Institute of Technology)Sun Microsystems (Oracle Corporation)
Product-kerberossunosmultinetkerberos_5n/a
  • Previous
  • 1
  • 2
  • 3
  • Next