Every CVE whose affected-product data names Mit Kerberos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (33)
CVE-2000-0390 — CVSS 10.0 (critical): Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
CVE-2009-4212 — CVSS 10.0 (critical): Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3…
CVE-2004-0523 — CVSS 10.0 (critical): Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute…
CVE-2000-0389 — CVSS 10.0 (critical): Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
CVE-2001-0554 — CVSS 10.0 (critical): Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a…
CVE-2010-0283 — CVSS 7.8 (high): The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial…
CVE-2003-0138 — CVSS 7.5 (high): Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a…
CVE-1999-1321 — CVSS 7.5 (high): Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary…
CVE-2018-5709 — CVSS 7.5 (high): An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that…
CVE-2003-0139 — CVSS 7.5 (high): Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are…
CVE-2018-5710 — CVSS 6.5 (medium): An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a…
CVE-2017-11368 — CVSS 6.5 (medium): In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or…
CVE-2009-0844 — CVSS 5.8 (medium): The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a…
CVE-2018-20217 — CVSS 5.3 (medium): A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket…
CVE-2000-0549 — CVSS 5.0 (medium): Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to…
CVE-2009-0845 — CVSS 5.0 (medium): The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO…
CVE-2003-0082 — CVSS 5.0 (medium): The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of…
CVE-2000-0550 — CVSS 5.0 (medium): Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
CVE-2000-0547 — CVSS 5.0 (medium): Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the…
CVE-2011-0281 — CVSS 5.0 (medium): The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is…
CVE-2011-0282 — CVSS 5.0 (medium): The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to…
CVE-2014-4342 — CVSS 5.0 (medium): MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL…
CVE-2000-0546 — CVSS 5.0 (medium): Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey…
CVE-2003-0072 — CVSS 5.0 (medium): The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of…
CVE-2000-0548 — CVSS 5.0 (medium): Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply…
CVE-1999-0143 — CVSS 4.6 (medium): Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
CVE-2009-0847 — CVSS 4.3 (medium): The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause…
CVE-2013-6800 — CVSS 4.0 (medium): An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote…
CVE-2010-1323 — CVSS 3.7 (low): MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of…
CVE-2014-5354 — CVSS 3.5 (low): plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows…
CVE-2001-0417 — CVSS 2.1 (low): Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.