Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-1216 |
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding". Published: April 05, 2007; 9:19:00 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2001-0417 |
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. Published: June 27, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-1296 |
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable. Published: April 29, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |