Vulnerabilities > MIT > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-18 | CVE-2005-1174 | Remote Denial of Service vulnerability in MIT Kerberos 5 Key Distribution Center MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | 5.0 |
2005-06-14 | CVE-2005-0488 | Remote Information Disclosure vulnerability in Multiple Vendor Telnet Client Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | 5.0 |
2004-09-28 | CVE-2004-0644 | Denial Of Service vulnerability in MIT Kerberos 5 ASN.1 Decoder The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. | 5.0 |
2004-09-28 | CVE-2004-0643 | Double Free vulnerability in multiple products Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | 4.6 |
2004-03-03 | CVE-2002-1575 | Unspecified vulnerability in MIT Cgiemail 1.6 cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | 5.0 |
2003-04-02 | CVE-2003-0082 | Buffer Underrun vulnerability in MIT Kerberos 5 Principal Name The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun"). | 5.0 |
2003-04-02 | CVE-2003-0072 | Buffer Overflow vulnerability in MIT Kerberos 5 Principal Name The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | 5.0 |
2003-02-19 | CVE-2003-0058 | Denial of Service vulnerability in Kerberos Key Distribution Center MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | 5.0 |
2003-02-19 | CVE-2002-0036 | Unspecified vulnerability in MIT Kerberos 5 Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | 5.0 |
2000-06-09 | CVE-2000-0550 | Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service. | 5.0 |