This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mit First view 2014-12-16
Product Kerberos 5 Last view 2019-09-26
Version 1.12.5 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:mit:kerberos_5

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2019-09-26 CVE-2019-14844

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

6.5 2018-07-26 CVE-2017-7562

An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.

6.5 2018-01-16 CVE-2018-5710

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

7.5 2018-01-16 CVE-2018-5709

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

6.5 2016-02-12 CVE-2015-8631

Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.

7.5 2016-02-12 CVE-2015-8630

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.

3.1 2016-02-12 CVE-2015-8629

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

6.8 2015-11-08 CVE-2015-2697

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.

7.1 2015-11-08 CVE-2015-2696

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.

7.1 2015-11-08 CVE-2015-2695

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

3.5 2014-12-16 CVE-2014-5353

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.

CWE : Common Weakness Enumeration

%idName
30% (3) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (2) CWE-18 Source Code
10% (1) CWE-476 NULL Pointer Dereference
10% (1) CWE-287 Improper Authentication
10% (1) CWE-200 Information Exposure
10% (1) CWE-190 Integer Overflow or Wraparound
10% (1) CWE-20 Improper Input Validation

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-12-28 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1408.nasl - Type: ACT_GATHER_INFO
2018-11-07 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1361.nasl - Type: ACT_GATHER_INFO
2018-11-06 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1354.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0011.nasl - Type: ACT_GATHER_INFO
2018-05-11 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO
2018-04-27 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-0666.nasl - Type: ACT_GATHER_INFO
2018-02-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1265.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2016-1012.nasl - Type: ACT_GATHER_INFO
2016-11-21 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201611-14.nasl - Type: ACT_GATHER_INFO
2016-04-22 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2016-691.nasl - Type: ACT_GATHER_INFO
2016-04-05 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20160404_krb5_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2016-04-01 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2016-0532.nasl - Type: ACT_GATHER_INFO
2016-04-01 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2016-0532.nasl - Type: ACT_GATHER_INFO
2016-04-01 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2016-0532.nasl - Type: ACT_GATHER_INFO
2016-03-24 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20160323_krb5_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2016-03-24 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0039.nasl - Type: ACT_GATHER_INFO
2016-03-24 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2016-0493.nasl - Type: ACT_GATHER_INFO
2016-03-23 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2016-0493.nasl - Type: ACT_GATHER_INFO
2016-03-23 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2016-0493.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2016-d9d394d999.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2016-35492207cb.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-be1b87a3b7.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-200d2dfd9f.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-1b9c33d713.nasl - Type: ACT_GATHER_INFO