Mit: >> Kerberos Security Vulnerabilities
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVSS Score
10.0
EPSS Score
0.274
Published
2001-08-14
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-06-27
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.
CVSS Score
5.0
EPSS Score
0.026
Published
2000-06-09
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.
CVSS Score
5.0
EPSS Score
0.026
Published
2000-06-09
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
CVSS Score
5.0
EPSS Score
0.034
Published
2000-06-09
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
CVSS Score
5.0
EPSS Score
0.013
Published
2000-06-09
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
CVSS Score
5.0
EPSS Score
0.031
Published
2000-06-09
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.11
Published
2000-05-16
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.085
Published
2000-05-16
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.085
Published
2000-05-16