Vulnerabilities > MIT
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-02-19 | CVE-2003-0059 | Unspecified vulnerability in MIT Kerberos 5 1.2.1/1.2.2: Unknown vulnerability in chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. | 7.5 |
2003-02-19 | CVE-2003-0058 | Denial of Service vulnerability in Kerberos Key Distribution Center: MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | 5.0 |
2003-02-19 | CVE-2002-0036 | Unspecified vulnerability in MIT Kerberos 5: Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | 5.0 |
2002-12-31 | CVE-2002-1652 | Remote Buffer Overflow vulnerability in MIT Cgiemail 1.6: Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter. | 7.5 |
2002-11-04 | CVE-2002-1235 | Remote Buffer Overflow vulnerability in Multiple Vendor kadmind: The kadm_ser_in function in (1) the Kerberos v4 compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 10.0 |
2002-10-04 | CVE-2002-0900 | Remote Buffer Overflow vulnerability in MIT PGP Public Key Server Search String: Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | 7.5 |
2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products: Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
2001-06-27 | CVE-2001-0417 | Local Security vulnerability in Kerberos 5: Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. | 2.1 |
2001-06-18 | CVE-2001-0247 | Buffer Overflow vulnerability in Multiple Vendor BSD ftpd glob(): Buffer overflows in BSD-based FTP servers allow remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | 10.0 |
2001-05-16 | CVE-2001-1323 | Classic Buffer Overflow vulnerability in MIT Kerberos 5: Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function. | 7.5 |