Vulnerabilities > MIT > Krb5 Appl
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-02 | CVE-2019-25018 | Incorrect Authorization vulnerability in MIT Krb5-Appl: In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . | 5.0 |
2021-02-02 | CVE-2019-25017 | Unspecified vulnerability in MIT Krb5-Appl: An issue was discovered in rcp in MIT krb5-appl through 1.0.3. (Tags: network, mit) | 5.8 |
2011-12-25 | CVE-2011-4862 | Classic Buffer Overflow vulnerability in multiple products: Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. (Tags: network, low complexity, gnu, heimdal-project, mit, freebsd, fedoraproject, debian, opensuse, suse, CWE-120, critical) | 10.0 |
2011-07-11 | CVE-2011-1526 | Improper Privilege Management vulnerability in multiple products: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. | 6.5 |