Vulnerabilities > MIT > Kerberos 5 > 1.13.5

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-36054 Access of Uninitialized Pointer vulnerability in multiple products
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer.
network
low complexity
mit debian netapp CWE-824
6.5
2022-12-25 CVE-2022-42898 Integer Overflow or Wraparound vulnerability in multiple products
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms.
network
low complexity
mit heimdal-project samba CWE-190
8.8
2021-08-23 CVE-2021-37750 NULL Pointer Dereference vulnerability in multiple products
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
6.5
2021-07-22 CVE-2021-36222 NULL Pointer Dereference vulnerability in multiple products
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash.
network
low complexity
mit debian netapp oracle CWE-476
5.0
2020-11-06 CVE-2020-28196 Uncontrolled Recursion vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
network
low complexity
mit fedoraproject netapp oracle CWE-674
7.5
2018-07-26 CVE-2017-7562 Improper Certificate Validation vulnerability in multiple products
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates.
network
low complexity
redhat mit CWE-295
6.5
2017-11-23 CVE-2017-15088 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in MIT Kerberos 5
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions.
network
low complexity
mit CWE-119
7.5
2017-08-09 CVE-2017-11368 Reachable Assertion vulnerability in multiple products
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.
network
low complexity
fedoraproject mit CWE-617
6.5
2016-08-01 CVE-2016-3120 NULL Pointer Dereference vulnerability in MIT Kerberos 5
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.
network
low complexity
mit CWE-476
6.5
2015-11-09 CVE-2015-2697 Out-of-bounds Read vulnerability in multiple products
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
network
low complexity
mit oracle canonical debian opensuse suse CWE-125
4.0