The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MIT Kerberos 5

MIT krb5: assertion error via Old Encryption S4U2Self Request
An attacker can force an assertion error via Old Encryption S4U2Self Request of MIT krb5, in order to trigger a denial of service...
bulletinjan2019, CVE-2018-20217, DLA-1643-1, FEDORA-2018-7db7ccda4d, FEDORA-2019-ac7e19b0c8, openSUSE-SU-2019:0063-1, openSUSE-SU-2019:0085-1, SUSE-SU-2019:0111-1, SUSE-SU-2019:0113-1, VIGILANCE-VUL-28099
krb5: NULL pointer dereference via ldap_principal2.c
An attacker can force a NULL pointer to be dereferenced in ldap_principal2.c of krb5, in order to trigger a denial of service...
CVE-2018-5729, CVE-2018-5730, DLA-1643-1, DSA-2019-131, FEDORA-2018-391a1f3e61, FEDORA-2018-f97cb1c9b0, openSUSE-SU-2018:0854-1, openSUSE-SU-2019:0139-1, RHSA-2018:3071-01, SUSE-SU-2019:0175-1, VIGILANCE-VUL-25336
MIT krb5: NULL pointer dereference via plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
An attacker can force a NULL pointer to be dereferenced via plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c of MIT krb5, in order to trigger a denial of service...
CVE-2018-5710, VIGILANCE-VUL-25096
MIT krb5: read-write access via kadmin/dbutil/dump.c
An attacker can bypass access restrictions via kadmin/dbutil/dump.c of MIT krb5, in order to read or alter data...
CVE-2018-5709, VIGILANCE-VUL-25095
MIT krb5: buffer overflow via PKINIT get_matching_data
An attacker can generate a buffer overflow via PKINIT get_matching_data() of MIT krb5, in order to trigger a denial of service, and possibly to run code...
871698, CVE-2017-15088, FEDORA-2017-41957e0f90, openSUSE-SU-2017:2993-1, SUSE-SU-2017:2948-1, VIGILANCE-VUL-24388
MIT krb5: use after free via GSS-API
An attacker can force the usage of a freed memory area via GSS-API of MIT krb5, in order to trigger a denial of service, and possibly to run code...
873563, CVE-2017-11462, DSA-2019-131, FEDORA-2017-10c74147f9, FEDORA-2017-56e23bc2b5, openSUSE-SU-2017:2712-1, VIGILANCE-VUL-23791
MIT krb5: privilege escalation via EKU Cert Missing SAN
An attacker can bypass restrictions via EKU Cert Missing SAN of MIT krb5, in order to escalate their privileges...
CVE-2017-7562, FEDORA-2017-bf74db7147, RHSA-2018:0666-01, SUSE-SU-2018:1425-1, VIGILANCE-VUL-23635
MIT Kerberos: assertion error via krb5kdc S4U2Self/S4U2Proxy
An attacker can force an assertion error via krb5kdc S4U2Self/S4U2Proxy of MIT Kerberos, in order to trigger a denial of service...
bulletinjul2018, CVE-2017-11368, DLA-1058-1, FEDORA-2017-71c47e1e82, FEDORA-2017-8e9d9771c4, FEDORA-2017-e5b36383f4, RHSA-2018:0666-01, VIGILANCE-VUL-23349
MIT krb5: security improvement via DES disabling
The security of MIT krb5 was improved by disabling the DES encryption algorithm by default, as it is now considered weak...
VIGILANCE-VUL-20637
MIT krb5: buffer overflow via libkrad
An attacker can generate a buffer overflow via libkrad of MIT krb5, in order to trigger a denial of service, and possibly to run code...
FEDORA-2016-0b966047e1, FEDORA-2016-335ed87353, FEDORA-2016-d18f993ab6, VIGILANCE-VUL-19992