| Bug | Description |
|---|
| CVE-2024-37371 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause inva ... |
| CVE-2024-37370 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the ... |
| CVE-2023-39975 | kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a ... |
| CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 an ... |
| CVE-2022-42898 | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x befo ... |
| CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before ... |
| CVE-2021-36222 | ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) ... |
| CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allow ... |
| CVE-2019-14844 | A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including ... |
| CVE-2018-20217 | A Reachable Assertion issue was discovered in the KDC in MIT Kerberos ... |
| CVE-2018-5730 | MIT krb5 1.6 or later allows an authenticated kadmin with permission t ... |
| CVE-2018-5729 | MIT krb5 1.6 or later allows an authenticated kadmin with permission t ... |
| CVE-2018-5710 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ... |
| CVE-2017-11368 | In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker ... |
| CVE-2017-7562 | An authentication bypass flaw was found in the way krb5's certauth int ... |
| CVE-2016-3120 | The validate_as_request function in kdc_util.c in the Key Distribution ... |
| CVE-2016-3119 | The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_prin ... |
| CVE-2015-8631 | Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MI ... |
| CVE-2015-8630 | The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functi ... |
| CVE-2015-8629 | The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in ... |
| CVE-2015-2698 | The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c ... |
| CVE-2015-2697 | The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Ker ... |
| CVE-2015-2696 | lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 reli ... |
| CVE-2015-2695 | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1. ... |
| CVE-2015-2694 | The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x ... |
| CVE-2014-9423 | The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c ... |
| CVE-2014-9422 | The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadm ... |
| CVE-2014-9421 | The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in ... |
| CVE-2014-5355 | MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a kr ... |
| CVE-2014-5354 | plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka ... |
| CVE-2014-5353 | The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap ... |
| CVE-2014-5352 | The krb5_gss_process_context_token function in lib/gssapi/krb5/process ... |
| CVE-2014-5351 | The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal. ... |
| CVE-2014-4345 | Off-by-one error in the krb5_encode_krbsecretkey function in plugins/k ... |
| CVE-2014-4344 | The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/ ... |
| CVE-2014-4343 | Double free vulnerability in the init_ctx_reselect function in the SPN ... |
| CVE-2014-4342 | MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows re ... |
| CVE-2014-4341 | MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cau ... |
| CVE-2013-1418 | The setup_server_realm function in main.c in the Key Distribution Cent ... |
| CVE-2013-1417 | do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (a ... |
| CVE-2013-1416 | The prep_reprocess_req function in do_tgs_req.c in the Key Distributio ... |
| CVE-2013-1415 | The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_cr ... |
| CVE-2012-1016 | The pkinit_server_return_padata function in plugins/preauth/pkinit/pki ... |
| CVE-2012-1015 | The kdc_handle_protected_negotiation function in the Key Distribution ... |
| CVE-2012-1014 | The process_as_req function in the Key Distribution Center (KDC) in MI ... |
| CVE-2012-1013 | The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmi ... |
| CVE-2012-1012 | server/server_stubs.c in the kadmin protocol implementation in MIT Ker ... |
| CVE-2011-4862 | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 throu ... |
| CVE-2011-4151 | The krb5_db2_lockout_audit function in the Key Distribution Center (KD ... |
| CVE-2011-1530 | The process_tgs_req function in do_tgs_req.c in the Key Distribution C ... |
| CVE-2011-1529 | The lookup_lockout_policy function in the Key Distribution Center (KDC ... |
| CVE-2011-1528 | The krb5_ldap_lockout_audit function in the Key Distribution Center (K ... |
| CVE-2011-1527 | The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerber ... |
| CVE-2011-0285 | The process_chpw_request function in schpw.c in the password-changing ... |
| CVE-2011-0284 | Double free vulnerability in the prepare_error_as function in do_as_re ... |
| CVE-2011-0283 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 all ... |
| CVE-2011-0282 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x t ... |
| CVE-2011-0281 | The unparse implementation in the Key Distribution Center (KDC) in MIT ... |
| CVE-2010-4022 | The do_standalone function in the MIT krb5 KDC database propagation da ... |
| CVE-2010-4021 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 doe ... |
| CVE-2010-4020 | MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key- ... |
| CVE-2010-1324 | MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not prope ... |
| CVE-2010-1323 | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x ... |
| CVE-2010-1322 | The merge_authdata function in kdc_authdata.c in the Key Distribution ... |
| CVE-2010-1321 | The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-AP ... |
| CVE-2010-1320 | Double free vulnerability in do_tgs_req.c in the Key Distribution Cent ... |
| CVE-2010-0629 | Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmin ... |
| CVE-2010-0628 | The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego ... |
| CVE-2010-0283 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 bef ... |
| CVE-2009-4212 | Multiple integer underflows in the (1) AES and (2) RC4 decryption func ... |
| CVE-2009-3295 | The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm ... |
| CVE-2009-0847 | The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka ... |
| CVE-2009-0846 | The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c i ... |
| CVE-2009-0845 | The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego ... |
| CVE-2009-0844 | The get_input_token function in the SPNEGO implementation in MIT Kerbe ... |
| CVE-2008-0948 | Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by ... |
| CVE-2008-0947 | Buffer overflow in the RPC library used by libgssrpc and kadmind in MI ... |
| CVE-2008-0063 | The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not pro ... |
| CVE-2008-0062 | KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for som ... |
| CVE-2007-5972 | Double free vulnerability in the krb5_def_store_mkey function in lib/k ... |
| CVE-2007-5971 | Double free vulnerability in the gss_krb5int_make_seal_token_v3 functi ... |
| CVE-2007-5902 | Integer overflow in the svcauth_gss_get_principal function in lib/rpc/ ... |
| CVE-2007-5901 | Use-after-free vulnerability in the gss_indicate_mechs function in lib ... |
| CVE-2007-5894 | The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb ... |
| CVE-2007-4743 | The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_G ... |
| CVE-2007-4000 | The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy. ... |
| CVE-2007-3999 | Stack-based buffer overflow in the svcauth_gss_validate function in li ... |
| CVE-2007-2798 | Stack-based buffer overflow in the rename_principal_2_svc function in ... |
| CVE-2007-2443 | Integer signedness error in the gssrpc__svcauth_unix function in svc_a ... |
| CVE-2007-2442 | The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos ... |
| CVE-2007-1216 | Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5un ... |
| CVE-2007-0957 | Stack-based buffer overflow in the krb5_klog_syslog function in the ka ... |
| CVE-2007-0956 | The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote att ... |
| CVE-2006-6144 | The "mechglue" abstraction interface of the GSS-API library for Kerber ... |
| CVE-2006-6143 | The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1 ... |
| CVE-2006-3084 | The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1 ... |
| CVE-2006-3083 | The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) ... |
| CVE-2005-1689 | Double free vulnerability in the krb5_recvauth function in MIT Kerbero ... |
| CVE-2005-1175 | Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT ... |
| CVE-2005-1174 | MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) ... |
| CVE-2005-0488 | Certain BSD-based Telnet clients, including those used on Solaris and ... |
| CVE-2005-0469 | Buffer overflow in the slc_add_reply function in various BSD-based Tel ... |
| CVE-2005-0468 | Heap-based buffer overflow in the env_opt_add function in telnet.c for ... |
| CVE-2004-1189 | The add_to_history function in svr_principal.c in libkadm5srv for MIT ... |
| CVE-2004-0772 | Double free vulnerabilities in error handling code in krb524d for MIT ... |
| CVE-2004-0644 | The asn1buf_skiptail function in the ASN.1 decoder library for MIT Ker ... |
| CVE-2004-0643 | Double free vulnerability in the krb5_rd_cred function for MIT Kerbero ... |
| CVE-2004-0642 | Double free vulnerabilities in the error handling code for ASN.1 decod ... |
| CVE-2004-0523 | Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos ... |
| CVE-2003-0139 | Certain weaknesses in the implementation of version 4 of the Kerberos ... |
| CVE-2003-0138 | Version 4 of the Kerberos protocol (krb4), as used in Heimdal and othe ... |
| CVE-2003-0082 | The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earli ... |
| CVE-2003-0072 | The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earli ... |
| CVE-2003-0060 | Format string vulnerabilities in the logging routines for MIT Kerberos ... |
| CVE-2003-0059 | Unknown vulnerability in the chk_trans.c of the libkrb5 library for MI ... |
| CVE-2003-0058 | MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remo ... |
| CVE-2003-0041 | Kerberos FTP client allows remote FTP sites to execute arbitrary code ... |
| CVE-2003-0028 | Integer overflow in the xdrmem_getbytes() function, and possibly other ... |
| CVE-2002-2443 | schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ... |
| CVE-2002-1235 | The kadm_ser_in function in (1) the Kerberos v4compatibility administr ... |
| CVE-2002-0391 | Integer overflow in xdr_array function in RPC servers for operating sy ... |