Vulnerabilities > MIT

DATE CVE VULNERABILITY TITLE RISK
2014-12-16 CVE-2014-5354 NULL Pointer Dereference Remote Denial of Service vulnerability in MIT Kerberos 5
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.
network
mit
3.5
2014-12-16 CVE-2014-5353 Null Pointer Dereference vulnerability in multiple products
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
3.5
2014-10-10 CVE-2014-5351 Credentials Management vulnerability in MIT Kerberos 5 1.12.2
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
network
high complexity
mit CWE-255
2.1
2014-08-14 CVE-2014-4345 Numeric Errors vulnerability in MIT Kerberos 5
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
network
mit CWE-189
8.5
2014-08-14 CVE-2014-4344 Null Pointer Dereference vulnerability in multiple products
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
network
low complexity
debian redhat mit CWE-476
7.8
2014-08-14 CVE-2014-4343 Double Free vulnerability in multiple products
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
network
high complexity
debian mit redhat CWE-415
7.6
2014-07-20 CVE-2014-4342 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
network
low complexity
debian mit redhat CWE-119
5.0
2014-07-20 CVE-2014-4341 Out-Of-Bounds Read vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
network
low complexity
mit redhat debian fedoraproject CWE-125
5.0
2013-11-20 CVE-2013-1417 Improper Input Validation vulnerability in MIT Kerberos 5
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal.
network
mit CWE-20
3.5
2013-11-18 CVE-2013-1418 Null Pointer Dereference vulnerability in multiple products
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
4.3