This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mit First view 1996-02-21
Product Kerberos 5 Last view 2020-11-06
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:* 52
cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:* 50
cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:* 48
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:* 47
cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:* 46
cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:* 46
cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:* 46
cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:* 46
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:* 44
cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:* 43
cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:* 42
cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:* 42
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:* 41
cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:* 41
cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:* 41
cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:* 41
cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:* 40
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:* 40
cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:* 39
cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:* 39
cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:* 38
cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:* 38
cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:* 38
cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:* 38
cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:* 37
cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:* 37
cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:* 37
cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:* 36
cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:* 36
cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:* 33
cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:* 33
cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:* 30
cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:* 30
cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:* 28
cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:* 28
cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:* 27
cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:* 27

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2020-11-06 CVE-2020-28196

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.

7.5 2019-09-26 CVE-2019-14844

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

6.5 2018-07-26 CVE-2017-7562

An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.

3.8 2018-03-06 CVE-2018-5730

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.

4.7 2018-03-06 CVE-2018-5729

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.

6.5 2018-01-16 CVE-2018-5710

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

7.5 2018-01-16 CVE-2018-5709

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

9.8 2017-11-23 CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.

9.8 2017-09-13 CVE-2017-11462

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.

6.5 2017-08-09 CVE-2017-11368

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

6.5 2016-07-31 CVE-2016-3120

The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.

5.3 2016-03-25 CVE-2016-3119

The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.

6.5 2016-02-12 CVE-2015-8631

Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.

7.5 2016-02-12 CVE-2015-8630

The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.

5.3 2016-02-12 CVE-2015-8629

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

8.5 2015-11-12 CVE-2015-2698

The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696.

4 2015-11-08 CVE-2015-2697

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.

7.1 2015-11-08 CVE-2015-2696

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.

5 2015-11-08 CVE-2015-2695

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

5.8 2015-05-25 CVE-2015-2694

The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c.

5 2015-02-20 CVE-2014-5355

MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c.

5 2015-02-19 CVE-2014-9423

The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.

6.1 2015-02-19 CVE-2014-9422

The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.

9 2015-02-19 CVE-2014-9421

The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind.

9 2015-02-19 CVE-2014-5352

The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.

CWE : Common Weakness Enumeration

%idName
15% (13) CWE-20 Improper Input Validation
14% (12) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (10) CWE-476 NULL Pointer Dereference
7% (6) CWE-399 Resource Management Errors
6% (5) CWE-415 Double Free
6% (5) CWE-264 Permissions, Privileges, and Access Controls
4% (4) CWE-310 Cryptographic Issues
4% (4) CWE-189 Numeric Errors
4% (4) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
3% (3) CWE-787 Out-of-bounds Write
3% (3) CWE-125 Out-of-bounds Read
1% (1) CWE-772 Missing Release of Resource after Effective Lifetime
1% (1) CWE-763 Release of Invalid Pointer or Reference
1% (1) CWE-674 Uncontrolled Recursion
1% (1) CWE-617 Reachable Assertion
1% (1) CWE-306 Missing Authentication for Critical Function
1% (1) CWE-287 Improper Authentication
1% (1) CWE-284 Access Control (Authorization) Issues
1% (1) CWE-255 Credentials Management
1% (1) CWE-200 Information Exposure
1% (1) CWE-190 Integer Overflow or Wraparound
1% (1) CWE-90 Failure to Sanitize Data into LDAP Queries ('LDAP Injection')
1% (1) CWE-18 Source Code
1% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-26 Leveraging Race Conditions
CAPEC-28 Fuzzing
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:1828 Buffer Overflow in "in.telnetd"or "telnetd"Process
oval:org.mitre.oval:def:230 xdrmem_bytes() Integer Overflow Vulnerability
oval:org.mitre.oval:def:1110 Kerberos V5 Null Pointer DoS Vulnerability
oval:org.mitre.oval:def:4430 Kerberos 5 KDC Buffer Underrun in Principle Name Handling
oval:org.mitre.oval:def:2536 Kerberos 5 KDC Heap Corruption Vulnerability
oval:org.mitre.oval:def:244 Kerberos KDC Heap Corruption Denial of Service
oval:org.mitre.oval:def:991 Multiple BO Vulnerabilities in MIT Kerberos 5
oval:org.mitre.oval:def:724 MIT Kerberos 5 KRB5_AName_To_Localname Multiple Principal Name Buffer Overrun...
oval:org.mitre.oval:def:2002 Multiple Buffer Overflows in Kerberos 5 (krb5_aname_to_localname)
oval:org.mitre.oval:def:10295 Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5...
oval:org.mitre.oval:def:4936 Kerberos 5 KDC ASN.1 Error Handling Double-free Vulnerabilities
oval:org.mitre.oval:def:10709 Double free vulnerabilities in the error handling code for ASN.1 decoders in ...
oval:org.mitre.oval:def:3322 Kerberos 5 Double-free Vulnerability in krb5_rd_cred Function
oval:org.mitre.oval:def:10267 Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (kr...
oval:org.mitre.oval:def:2139 Kerberos 5 ASN.1 Library DoS
oval:org.mitre.oval:def:10014 The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5...
oval:org.mitre.oval:def:4661 MIT Kerberos 5 Multiple Double-Free Vulnerabilities
oval:org.mitre.oval:def:10497 The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Lin...
oval:org.mitre.oval:def:11911 The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerbero...
oval:org.mitre.oval:def:1139 Telnet Client Information Disclosure Vulnerability
oval:org.mitre.oval:def:11373 Certain BSD-based Telnet clients, including those used on Solaris and SuSE Li...
oval:org.mitre.oval:def:397 MIT Kerberos 5 Key Distribution Center Remote Denial of Service Vulnerability
oval:org.mitre.oval:def:10229 MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows ...
oval:org.mitre.oval:def:9902 Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerber...
oval:org.mitre.oval:def:736 MIT Kerberos 5 Key Distribution Center Remote Denial of Service Vulnerability

SAINT Exploits

Description Link
MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
76661 Kerberos KDC lookup_lockout_policy() Function NULL Pointer Dereference Remote...
76660 Kerberos KDC krb5_ldap_get_principal() Function NULL Pointer Dereference Remo...
76659 Kerberos KDC Multiple Function Assertation Weakness Remote DoS
71972 Oracle Solaris Kerberos Checksum Acceptability Weakness KDC / KRB-SAFE Messag...
71789 Kerberos kadmind Unspecified Packet Handling Remote DoS
71183 Kerberos KDC src/kdc/do_as_req.c prepare_error_as() Function AS-REQ Request D...
70910 Kerberos KDC Unspecified DoS
70909 Kerberos KDC LDAP Backend Principal Name Handling DoS
70908 Kerberos KDC LDAP Backend Unparse Implementation DoS
70907 Kerberos kpropd do_standalone() Function Unspecified DoS
70083 Oracle Database MIT Kerberos 5 kg_accept_krb5 Remote Denial of Service
69610 MIT Kerberos 5 (krb5) Checksum Acceptability Weakness KDC / KRB-SAFE Message ...
69609 MIT Kerberos 5 (krb5) Checksum Acceptability Weakness RC4 Key GSS Token Forge...
69608 MIT Kerberos 5 (krb5) RC4 Key-derivation Checksums One-byte Stream-cipher Ope...
69607 MIT Kerberos 5 (krb5) KDC TGS Request TGT Credentials Inner Request KrbFastRe...
68525 MIT Kerberos 5 (krb5) Key Distribution Center kdc_authdata.c merge_authdata F...
64744 Kerberos GSS-API AP-REQ Authenticator NULL Dereference Remote DoS
63975 Kerberos KDC kdc/do_tgs_req.c process_tgs_req() Function Ticket Validation Do...
63569 Kerberos src/kadmin/server/server_stubs.c init_2_svc() Function API Version N...
63162 MIT Kerberos 5 (krb5) SPNEGO GSS-API Mechanism lib/gssapi/spnego/spnego_mech....
62391 Kerberos KDC Authorization Data Request Remote DoS
61795 MIT Kerberos 5 (krb5) Crypto Library AES / RC4 Decryption Functionality Malfo...
61423 Kerberos KDC Cross-Realm Referral kdc/do_tgs_req.c prep_reprocess_req Functio...
53384 MIT Kerberos 5 (krb5) SPNEGO GSS-API Mechanism Network Input Buffer Handling ...
53383 MIT Kerberos 5 (krb5) ASN.1 Decoder asn1_decode_generaltime() Function Remote...

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-08-30 Name : Fedora Update for krb5 FEDORA-2012-11388
File : nvt/gb_fedora_2012_11388_krb5_fc17.nasl
2012-08-30 Name : Fedora Update for krb5 FEDORA-2012-2187
File : nvt/gb_fedora_2012_2187_krb5_fc17.nasl
2012-08-30 Name : Fedora Update for krb5 FEDORA-2012-8784
File : nvt/gb_fedora_2012_8784_krb5_fc17.nasl
2012-08-14 Name : Fedora Update for krb5 FEDORA-2012-11370
File : nvt/gb_fedora_2012_11370_krb5_fc16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2518-1 (krb5)
File : nvt/deb_2518_1.nasl
2012-08-03 Name : CentOS Update for krb5-devel CESA-2012:1131 centos6
File : nvt/gb_CESA-2012_1131_krb5-devel_centos6.nasl
2012-08-03 Name : RedHat Update for krb5 RHSA-2012:1131-01
File : nvt/gb_RHSA-2012_1131-01_krb5.nasl
2012-08-03 Name : Mandriva Update for krb5 MDVSA-2012:120 (krb5)
File : nvt/gb_mandriva_MDVSA_2012_120.nasl
2012-08-03 Name : Ubuntu Update for krb5 USN-1520-1
File : nvt/gb_ubuntu_USN_1520_1.nasl
2012-07-30 Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 x86_64
File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_x86_64.nasl
2012-07-10 Name : Mandriva Update for krb5 MDVSA-2012:102 (krb5)
File : nvt/gb_mandriva_MDVSA_2012_102.nasl
2012-07-09 Name : RedHat Update for krb5 RHSA-2011:1379-01
File : nvt/gb_RHSA-2011_1379-01_krb5.nasl
2012-06-15 Name : Fedora Update for krb5 FEDORA-2012-8803
File : nvt/gb_fedora_2012_8803_krb5_fc16.nasl
2012-06-15 Name : Fedora Update for krb5 FEDORA-2012-8805
File : nvt/gb_fedora_2012_8805_krb5_fc15.nasl
2012-06-06 Name : RedHat Update for krb5 RHSA-2011:0356-01
File : nvt/gb_RHSA-2011_0356-01_krb5.nasl
2012-06-06 Name : RedHat Update for krb5 RHSA-2011:0447-01
File : nvt/gb_RHSA-2011_0447-01_krb5.nasl
2012-06-05 Name : RedHat Update for krb5 RHSA-2011:0200-01
File : nvt/gb_RHSA-2011_0200-01_krb5.nasl
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console an...
File : nvt/gb_VMSA-2010-0016.nasl
2012-03-15 Name : VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates ...
File : nvt/gb_VMSA-2011-0007.nasl
2012-03-15 Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv...
File : nvt/gb_VMSA-2011-0013.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5)
File : nvt/glsa_201201_13.nasl
2012-02-11 Name : Debian Security Advisory DSA 2379-1 (krb5)
File : nvt/deb_2379_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0160 Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity: Category I - VMSKEY: V0061123
2015-B-0069 Multiple Vulnerabilities in MIT Kerberos 5
Severity: Category I - VMSKEY: V0060811
2013-B-0130 MIT Kerberos Denial of Service Vulnerabilities
Severity: Category I - VMSKEY: V0042308
2013-B-0044 MIT Kerberos Denial of Service Vulnerabilities
Severity: Category I - VMSKEY: V0037773
2011-A-0160 Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana...
Severity: Category I - VMSKEY: V0030769
2011-A-0147 Multiple Vulnerabilities in VMware ESX and ESXi
Severity: Category I - VMSKEY: V0030545
2011-A-0066 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0027158

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2015-03-27 MIT Kerberos KDC as-req sname null pointer dereference attempt
RuleID : 8888889 - Type : SERVER-OTHER - Revision : 1
2015-03-27 MIT Kerberos KDC as-req sname null pointer dereference attempt
RuleID : 8888888 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length den...
RuleID : 52392 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length den...
RuleID : 52391 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version s...
RuleID : 52390 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version s...
RuleID : 52389 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth vers...
RuleID : 52388 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message kprop protocol bad sendauth version length d...
RuleID : 52387 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version l...
RuleID : 52386 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message klogin protocol bad sendauth or app version ...
RuleID : 52385 - Type : SERVER-OTHER - Revision : 1
2020-01-07 MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth vers...
RuleID : 52384 - Type : SERVER-OTHER - Revision : 1
2019-09-24 MIT Kerberos kpasswd UDP denial of service attempt
RuleID : 51212 - Type : SERVER-OTHER - Revision : 1
2016-03-14 MIT Kerberos 5 IAKERB outbound token detected
RuleID : 36816 - Type : SERVER-OTHER - Revision : 5
2016-03-14 MIT Kerberos 5 SPNEGO incoming token detected
RuleID : 36815 - Type : SERVER-OTHER - Revision : 5
2016-03-14 MIT Kerberos 5 SPNEGO acceptor acc_ctx_cont denial of service attempt
RuleID : 36814 - Type : SERVER-OTHER - Revision : 5
2015-06-23 MIT Kerberos KDC as-req sname null pointer dereference attempt
RuleID : 34972 - Type : SERVER-OTHER - Revision : 2
2015-06-23 MIT Kerberos KDC as-req sname null pointer dereference attempt
RuleID : 34971 - Type : SERVER-OTHER - Revision : 2
2015-07-08 MIT Kerberos 5 krb5_read_message denial of service attempt
RuleID : 34709 - Type : SERVER-OTHER - Revision : 4
2014-11-16 MIT Kerberos KDC TGS request cross-realm referral null pointer dereference de...
RuleID : 31765 - Type : SERVER-OTHER - Revision : 4
2014-11-16 MIT Kerberos KDC TGS request cross-realm referral null pointer dereference de...
RuleID : 31764 - Type : SERVER-OTHER - Revision : 4
2014-01-10 MIT Kerberos KDC prep_reprocess_req null pointer dereference attempt
RuleID : 27906 - Type : SERVER-OTHER - Revision : 3
2014-01-10 Kerberos KDC null pointer dereference denial of service attempt
RuleID : 27195 - Type : SERVER-OTHER - Revision : 5
2014-01-10 Kerberos KDC null pointer dereference denial of service attempt
RuleID : 27194 - Type : SERVER-OTHER - Revision : 5
2014-01-10 Kerberos KDC null pointer dereference denial of service attempt
RuleID : 27193 - Type : SERVER-OTHER - Revision : 5
2014-01-10 MIT Kerberos kpasswd process_chpw_request denial of service attempt
RuleID : 26769 - Type : SERVER-OTHER - Revision : 8

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-12-28 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1408.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1425.nasl - Type: ACT_GATHER_INFO
2018-12-20 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1129.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1398.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1376.nasl - Type: ACT_GATHER_INFO
2018-11-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3071.nasl - Type: ACT_GATHER_INFO
2018-11-07 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1361.nasl - Type: ACT_GATHER_INFO
2018-11-06 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1354.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1240.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO
2018-08-31 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0087.nasl - Type: ACT_GATHER_INFO
2018-08-21 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0177.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0011.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0038.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-1_0-0093.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-2_0-0007.nasl - Type: ACT_GATHER_INFO
2018-05-11 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1010.nasl - Type: ACT_GATHER_INFO
2018-04-27 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-0666.nasl - Type: ACT_GATHER_INFO
2018-03-02 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f97cb1c9b0.nasl - Type: ACT_GATHER_INFO
2018-02-21 Name: The remote Fedora host is missing a security update.
File: fedora_2018-391a1f3e61.nasl - Type: ACT_GATHER_INFO
2018-02-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1265.nasl - Type: ACT_GATHER_INFO
2018-01-19 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1007.nasl - Type: ACT_GATHER_INFO
2018-01-19 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1008.nasl - Type: ACT_GATHER_INFO
2018-01-15 Name: The remote Fedora host is missing a security update.
File: fedora_2017-2dd6c320a4.nasl - Type: ACT_GATHER_INFO