Skip to main content

Kerberos 5

53 CVEs product

Monthly

CVE-2026-40355 HIGH PATCH This Week

Remote denial of service in MIT Kerberos 5 (krb5) before 1.22.3 lets an unauthenticated attacker crash any GSS-API acceptor that has a NegoEx mechanism registered in /etc/gss/mech. Sending a malformed NegoEx token to an application that calls gss_accept_sec_context() triggers a NULL pointer dereference in parse_nego_message, terminating the process (CWE-476). No public exploit identified at time of analysis; EPSS is low (0.07%) and CISA SSVC lists exploitation as proof-of-concept only, with technical impact rated partial and not automatable.

Null Pointer Dereference Denial Of Service Kerberos 5
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-40356 HIGH PATCH This Week

Remote denial of service in MIT Kerberos 5 (krb5) before 1.22.3 allows an unauthenticated network attacker to crash any application that calls gss_accept_sec_context() on a host where a NegoEx mechanism is registered in /etc/gss/mech. A crafted NegoEx token triggers an integer underflow leading to an out-of-bounds read in parse_message(), terminating the GSS-API acceptor process. No public exploit is identified at time of analysis, EPSS risk is low (0.07%), and CISA SSVC scores exploitation as 'none'.

Buffer Overflow Integer Overflow Kerberos 5
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-37371 CRITICAL PATCH Act Now

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Kerberos 5 Debian Linux
NVD GitHub
CVSS 3.1
9.1
EPSS
2.6%
CVE-2024-37370 HIGH PATCH This Week

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Kerberos 5
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-26462 MEDIUM POC This Month

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kerberos 5 Active Iq Unified Manager Cloud Volumes Ontap Mediator Management Services For Element Software And Netapp Hci +4
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-26461 HIGH POC This Week

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Kerberos 5 Active Iq Unified Manager Cloud Volumes Ontap Mediator Management Services For Element Software And Netapp Hci +5
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-26458 MEDIUM POC This Month

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kerberos 5 Active Iq Unified Manager Cloud Volumes Ontap Mediator Management Services For Element Software And Netapp Hci +5
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-39975 HIGH PATCH This Week

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Kerberos 5
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-36054 MEDIUM PATCH This Month

lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Memory Corruption Denial Of Service Kerberos 5 Debian Linux Active Iq Unified Manager +4
NVD GitHub
CVSS 3.1
6.5
EPSS
2.8%
CVE-2022-42898 HIGH POC PATCH This Week

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow RCE Denial Of Service Buffer Overflow Kerberos 5 +2
NVD GitHub
CVSS 3.1
8.8
EPSS
6.4%
CVE-2022-39028 HIGH POC PATCH This Week

telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Inetutils Kerberos 5 Debian Linux +1
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-37750 MEDIUM PATCH This Month

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Null Pointer Dereference Denial Of Service Kerberos 5 Fedora Debian Linux +2
NVD GitHub
CVSS 3.1
6.5
EPSS
2.2%
CVE-2021-36222 HIGH PATCH This Week

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Kerberos 5 Debian Linux Active Iq Unified Manager +4
NVD GitHub
CVSS 3.1
7.5
EPSS
10.3%
CVE-2020-28196 HIGH PATCH This Week

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Kerberos 5 Fedora Active Iq Unified Manager Cloud Backup +7
NVD GitHub
CVSS 3.1
7.5
EPSS
4.4%
CVE-2019-14844 HIGH PATCH This Week

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Kerberos 5 Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
4.4%
CVE-2018-5730 LOW PATCH Monitor

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity.

LDAP Information Disclosure Code Injection Kerberos 5 Fedora +4
NVD GitHub
CVSS 3.1
3.8
EPSS
2.3%
CVE-2018-5729 MEDIUM PATCH This Month

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity.

Null Pointer Dereference Denial Of Service Kerberos 5 Fedora Debian Linux +3
NVD GitHub
CVSS 3.1
4.7
EPSS
2.6%
CVE-2017-15088 CRITICAL PATCH Act Now

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow RCE Stack Overflow Red Hat +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.7%
CVE-2017-11462 CRITICAL PATCH Act Now

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Kerberos 5 Fedora
NVD GitHub
CVSS 3.0
9.8
EPSS
1.1%
CVE-2017-11368 MEDIUM PATCH This Month

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Fedora Kerberos Kerberos 5
NVD GitHub
CVSS 3.0
6.5
EPSS
0.7%
CVE-2016-3120 MEDIUM This Month

The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Kerberos 5
NVD GitHub
CVSS 3.0
6.5
EPSS
3.3%
CVE-2016-3119 MEDIUM PATCH This Month

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Leap Opensuse Kerberos 5
NVD GitHub
CVSS 3.0
5.3
EPSS
9.2%
CVE-2015-8631 MEDIUM PATCH This Month

Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kerberos 5 Leap Opensuse Debian Linux +7
NVD GitHub
CVSS 3.1
6.5
EPSS
2.2%
CVE-2015-8630 HIGH PATCH This Week

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Kerberos 5
NVD GitHub
CVSS 3.0
7.5
EPSS
3.0%
CVE-2015-8629 MEDIUM PATCH This Month

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Buffer Overflow Kerberos 5 Linux +10
NVD GitHub
CVSS 3.1
5.3
EPSS
1.6%
CVE-2015-2698 HIGH This Week

The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Buffer Overflow Kerberos 5
NVD GitHub
CVSS 2.0
8.5
EPSS
0.9%
CVE-2015-2697 MEDIUM PATCH This Month

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Information Disclosure Buffer Overflow Kerberos 5 Solaris +7
NVD GitHub
CVSS 2.0
4.0
EPSS
6.4%
CVE-2015-2696 HIGH PATCH This Week

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Denial Of Service Kerberos 5 Leap Opensuse Linux Enterprise Desktop +4
NVD GitHub
CVSS 2.0
7.1
EPSS
8.3%
CVE-2015-2695 MEDIUM PATCH This Month

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kerberos 5 Solaris Ubuntu Linux Debian Linux +5
NVD GitHub
CVSS 2.0
5.0
EPSS
5.4%
CVE-2015-2694 MEDIUM PATCH This Month

The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Privilege Escalation Kerberos 5
NVD GitHub
CVSS 2.0
5.8
EPSS
0.9%
CVE-2014-5355 MEDIUM This Month

MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Kerberos 5
NVD GitHub
CVSS 2.0
5.0
EPSS
9.4%
CVE-2014-9423 MEDIUM This Month

The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kerberos 5
NVD GitHub
CVSS 2.0
5.0
EPSS
1.5%
CVE-2014-9422 MEDIUM This Month

The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Kerberos 5
NVD GitHub
CVSS 2.0
6.1
EPSS
0.8%
CVE-2014-9421 CRITICAL Act Now

The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Denial Of Service Kerberos 5
NVD GitHub
CVSS 2.0
9.0
EPSS
5.4%
CVE-2014-5352 CRITICAL PATCH Act Now

The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Kerberos 5
NVD GitHub
CVSS 2.0
9.0
EPSS
5.4%
CVE-2014-5354 LOW Monitor

plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Kerberos Kerberos 5
NVD GitHub
CVSS 2.0
3.5
EPSS
0.5%
CVE-2014-5353 LOW PATCH Monitor

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 Enterprise Linux Desktop Enterprise Linux Eus +9
NVD GitHub
CVSS 2.0
3.5
EPSS
0.7%
CVE-2014-5351 LOW Monitor

The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Kerberos 5
NVD GitHub
CVSS 2.0
2.1
EPSS
0.3%
CVE-2014-4345 HIGH Act Now

Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Epss exploitation probability 11.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Kerberos 5
NVD GitHub
CVSS 2.0
8.5
EPSS
11.3%
CVE-2014-4344 HIGH PATCH This Week

The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Debian Linux Enterprise Linux Desktop Enterprise Linux Hpc Node +3
NVD GitHub
CVSS 2.0
7.8
EPSS
5.3%
CVE-2014-4343 HIGH PATCH This Week

Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Denial Of Service RCE Buffer Overflow Debian Linux Kerberos 5 +4
NVD GitHub
CVSS 2.0
7.6
EPSS
7.4%
CVE-2014-4342 MEDIUM PATCH This Month

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Debian Linux Kerberos Kerberos 5 +4
NVD GitHub
CVSS 2.0
5.0
EPSS
8.1%
CVE-2014-4341 MEDIUM PATCH This Month

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.5%.

Denial Of Service Information Disclosure Buffer Overflow Kerberos 5 Enterprise Linux Desktop +8
NVD GitHub
CVSS 2.0
5.0
EPSS
14.5%
CVE-2013-1417 LOW POC PATCH Monitor

do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Kerberos 5
NVD GitHub
CVSS 2.0
3.5
EPSS
0.5%
CVE-2013-1418 MEDIUM PATCH This Month

The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 Debian Linux Opensuse
NVD GitHub
CVSS 2.0
4.3
EPSS
7.7%
CVE-2013-6800 MEDIUM PATCH This Month

An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kerberos Kerberos 5
NVD GitHub
CVSS 2.0
4.0
EPSS
0.8%
CVE-2013-1416 MEDIUM PATCH This Month

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 Opensuse Fedora +5
NVD GitHub
CVSS 2.0
4.0
EPSS
2.3%
CVE-2013-1415 MEDIUM PATCH This Month

The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 Opensuse
NVD GitHub
CVSS 2.0
5.0
EPSS
1.6%
CVE-2012-1016 MEDIUM PATCH This Month

The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5
NVD GitHub
CVSS 2.0
5.0
EPSS
0.6%
CVE-2012-1015 CRITICAL PATCH Act Now

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service RCE Kerberos 5
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2012-1014 CRITICAL PATCH Act Now

The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Kerberos 5
NVD
CVSS 2.0
9.0
EPSS
4.2%
CVE-2012-1013 MEDIUM POC PATCH This Month

The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Kerberos 5
NVD GitHub
CVSS 2.0
4.0
EPSS
1.0%
CVE-2012-1012 MEDIUM This Month

server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Kerberos 5
NVD
CVSS 2.0
5.5
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote denial of service in MIT Kerberos 5 (krb5) before 1.22.3 lets an unauthenticated attacker crash any GSS-API acceptor that has a NegoEx mechanism registered in /etc/gss/mech. Sending a malformed NegoEx token to an application that calls gss_accept_sec_context() triggers a NULL pointer dereference in parse_nego_message, terminating the process (CWE-476). No public exploit identified at time of analysis; EPSS is low (0.07%) and CISA SSVC lists exploitation as proof-of-concept only, with technical impact rated partial and not automatable.

Null Pointer Dereference Denial Of Service Kerberos 5
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote denial of service in MIT Kerberos 5 (krb5) before 1.22.3 allows an unauthenticated network attacker to crash any application that calls gss_accept_sec_context() on a host where a NegoEx mechanism is registered in /etc/gss/mech. A crafted NegoEx token triggers an integer underflow leading to an out-of-bounds read in parse_message(), terminating the GSS-API acceptor process. No public exploit is identified at time of analysis, EPSS risk is low (0.07%), and CISA SSVC scores exploitation as 'none'.

Buffer Overflow Integer Overflow Kerberos 5
NVD GitHub VulDB
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Kerberos 5 +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Kerberos 5
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kerberos 5 Active Iq Unified Manager +6
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Kerberos 5 Active Iq Unified Manager +7
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kerberos 5 Active Iq Unified Manager +7
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Kerberos 5
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Memory Corruption Denial Of Service Kerberos 5 +6
NVD GitHub
EPSS 6% CVSS 8.8
HIGH POC PATCH This Week

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow RCE Denial Of Service +4
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Inetutils +3
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Null Pointer Dereference Denial Of Service Kerberos 5 +4
NVD GitHub
EPSS 10% CVSS 7.5
HIGH PATCH This Week

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Kerberos 5 +6
NVD GitHub
EPSS 4% CVSS 7.5
HIGH PATCH This Week

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Kerberos 5 Fedora +9
NVD GitHub
EPSS 4% CVSS 7.5
HIGH PATCH This Week

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Kerberos 5 Fedora
NVD GitHub
EPSS 2% CVSS 3.8
LOW PATCH Monitor

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity.

LDAP Information Disclosure Code Injection +6
NVD GitHub
EPSS 3% CVSS 4.7
MEDIUM PATCH This Month

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity.

Null Pointer Dereference Denial Of Service Kerberos 5 +5
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow RCE +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Kerberos 5 Fedora
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Fedora Kerberos +1
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM This Month

The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Kerberos 5
NVD GitHub
EPSS 9% CVSS 5.3
MEDIUM PATCH This Month

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Leap Opensuse +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kerberos 5 Leap +9
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Kerberos 5
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Buffer Overflow +12
NVD GitHub
EPSS 1% CVSS 8.5
HIGH This Week

The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Buffer Overflow Kerberos 5
NVD GitHub
EPSS 6% CVSS 4.0
MEDIUM PATCH This Month

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Information Disclosure Buffer Overflow +9
NVD GitHub
EPSS 8% CVSS 7.1
HIGH PATCH This Week

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Denial Of Service Kerberos 5 Leap +6
NVD GitHub
EPSS 5% CVSS 5.0
MEDIUM PATCH This Month

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kerberos 5 Solaris +7
NVD GitHub
EPSS 1% CVSS 5.8
MEDIUM PATCH This Month

The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Privilege Escalation Kerberos 5
NVD GitHub
EPSS 9% CVSS 5.0
MEDIUM This Month

MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Kerberos 5
NVD GitHub
EPSS 2% CVSS 5.0
MEDIUM This Month

The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kerberos 5
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Kerberos 5
NVD GitHub
EPSS 5% CVSS 9.0
CRITICAL Act Now

The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization RCE Denial Of Service +1
NVD GitHub
EPSS 5% CVSS 9.0
CRITICAL PATCH Act Now

The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Kerberos 5
NVD GitHub
EPSS 1% CVSS 3.5
LOW Monitor

plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Kerberos Kerberos 5
NVD GitHub
EPSS 1% CVSS 3.5
LOW PATCH Monitor

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 +11
NVD GitHub
EPSS 0% CVSS 2.1
LOW Monitor

The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Kerberos 5
NVD GitHub
EPSS 11% CVSS 8.5
HIGH Act Now

Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Epss exploitation probability 11.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +1
NVD GitHub
EPSS 5% CVSS 7.8
HIGH PATCH This Week

The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Debian Linux +5
NVD GitHub
EPSS 7% CVSS 7.6
HIGH PATCH This Week

Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Denial Of Service RCE Buffer Overflow +6
NVD GitHub
EPSS 8% CVSS 5.0
MEDIUM PATCH This Month

MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Debian Linux +6
NVD GitHub
EPSS 14% CVSS 5.0
MEDIUM PATCH This Month

MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.5%.

Denial Of Service Information Disclosure Buffer Overflow +10
NVD GitHub
EPSS 1% CVSS 3.5
LOW POC PATCH Monitor

do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Kerberos 5
NVD GitHub
EPSS 8% CVSS 4.3
MEDIUM PATCH This Month

The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 +2
NVD GitHub
EPSS 1% CVSS 4.0
MEDIUM PATCH This Month

An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kerberos Kerberos 5
NVD GitHub
EPSS 2% CVSS 4.0
MEDIUM PATCH This Month

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 +7
NVD GitHub
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 +1
NVD GitHub
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5
NVD GitHub
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service RCE +1
NVD
EPSS 4% CVSS 9.0
CRITICAL PATCH Act Now

The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Kerberos 5
NVD
EPSS 1% CVSS 4.0
MEDIUM POC PATCH This Month

The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Kerberos 5
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Kerberos 5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy