what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 40 RSS Feed

Files

MIT krb5 Security Advisory 2009-001
Posted Apr 7, 2009
Site web.mit.edu

MIT krb5 Security Advisory 2009-001 - The MIT krb5 implementation of the SPNEGO GSS-API mechanism can read beyond the end of a network input buffer. This can cause a GSS-API application to crash by reading from invalid address space. The MIT krb5 implementation of the SPNEGO GSS-API mechanism can dereference a null pointer under error conditions. This can cause a GSS-API application to crash. MIT krb5 can perform an incorrect length check inside an ASN.1 decoder. This only presents a problem in the PK-INIT code paths. In the MIT krb5 KDC or kinit program, this could lead to spurious malloc() failures or, under some conditions, program crash.

tags | advisory
advisories | CVE-2009-0844, CVE-2009-0845, CVE-2009-0847
SHA-256 | 583a1d16957cdf1f031324b91889dc97c740b74cc3658c16852a8bfb19d26197

Related Files

MIT krb5 Security Advisory 2015-001
Posted Feb 3, 2015
Site web.mit.edu

MIT krb5 Security Advisory 2015-001 - The MIT krb5 team has discovered four vulnerabilities affecting kadmind. Some of these vulnerabilities may also affect server applications which use the gssrpc library or the gss_process_context_token() function. These are implementation vulnerabilities, not vulnerabilities in the Kerberos protocol.

tags | advisory, vulnerability, protocol
advisories | CVE-2014-5352
SHA-256 | f28cbd6ed4a8c0e3d26bda041aee940c93d73705b7f39828878cb06bf34542dd
MIT krb5 Security Advisory 2014-001
Posted Aug 9, 2014
Site web.mit.edu

MIT krb5 Security Advisory 2014-001 - In MIT krb5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow). This is not a protocol vulnerability. Using LDAP for the KDC database is a non-default configuration for the KDC.

tags | advisory, remote, overflow, protocol
advisories | CVE-2014-4345
SHA-256 | bae8ba206013d74a29880ba20751b206d092a9d7228d613cff50af35cbe8b9a7
MIT krb5 Security Advisory 2012-001
Posted Aug 1, 2012
Site web.mit.edu

MIT krb5 Security Advisory 2012-001 - The MIT krb5 KDC (Key Distribution Center) daemon can free an uninitialized pointer while processing an unusual AS-REQ, corrupting the process heap and possibly causing the daemon to abnormally terminate. An attacker could use this vulnerability to execute malicious code, but exploiting frees of uninitialized pointers to execute code is believed to be difficult. It is possible that a legitimate client that is misconfigured in an unusual way could trigger this vulnerability. The MIT krb5 KDC daemon can dereference an uninitialized pointer while processing a malformed AS-REQ, causing the daemon to abnormally terminate. This vulnerability could theoretically lead to the execution of malicious code, but that is believed to be very difficult.

tags | advisory
advisories | CVE-2012-1014, CVE-2012-1015
SHA-256 | c6e678cd6912090035d37e0e943e9a727bca5c72a814f85c04f9e97cff64c21e
MIT krb5 Security Advisory 2011-008
Posted Dec 28, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-008 - The telnet daemon (telnetd) in MIT krb5 (and in krb5-appl after the applications were moved to a separate distribution for krb5-1.8) is vulnerable to a buffer overflow. The flaw does not require authentication to exploit. Exploit code is reported to be actively used in the wild.

tags | advisory, overflow
advisories | CVE-2011-4862
SHA-256 | 94f4852b4ef0d480fd44f6fff8a1a449daff42441b00c788d6970db82695afc2
MIT krb5 Security Advisory 2011-007
Posted Dec 7, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-007 - In releases krb5-1.9 and later, the KDC can crash due to a null pointer dereference in code that handles TGS (Ticket Granting Service) requests. The trigger condition is trivial to produce using unmodified client software, but requires the ability to authenticate as a principal in the KDC's realm.

tags | advisory
advisories | CVE-2011-1530
SHA-256 | 4ca042a5da054adcd94232f80427d3eb47e18bef1cfb4b02d416b3b522988c17
MIT krb5 Security Advisory 2011-006
Posted Oct 20, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-006 - In releases krb5-1.9 and later, the KDC can crash due to a null pointer dereference if configured to use the LDAP back end. A trigger condition is publicly known but not known to be widely circulated. In releases krb5-1.8 and later, the KDC can crash due to an assertion failure. No exploit is known to exist, but there is public evidence that the unidentified trigger condition occurs in the field. In releases krb5-1.8 and later, the KDC can crash due to a null pointer dereference. No exploit is known to exist.

tags | advisory
advisories | CVE-2011-1527, CVE-2011-1528, CVE-2011-1529
SHA-256 | 8b04ece8c34bca3fda0990a86bfcf42198a26b09a9a26da0008d965a7b170253
MIT krb5 Security Advisory 2011-005
Posted Jul 7, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-005 - A remote client of the GSS-API FTP daemon in the krb5-appl distribution can access files using the effective group ID that the FTP daemon process had when it started.

tags | advisory, remote
advisories | CVE-2011-1526
SHA-256 | 1fe339215ceaa9f7616aea04e0760e9c50130ea0ca8add4046b96df17325d31e
MIT krb5 Security Advisory 2011-004
Posted Apr 14, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-004 - The password-changing capability of the MIT krb5 administration daemon (kadmind) has a bug that can cause it to attempt to free() an invalid pointer under certain error conditions. This can cause the daemon to crash or induce the execution of arbitrary code (which is believed to be difficult). No exploit that executes arbitrary code is known to exist, but it is easy to trigger a denial of service manually.

tags | advisory, denial of service, arbitrary
advisories | CVE-2011-0285
SHA-256 | 0e3e5240220bc86a2ebbd53af919f5eb300431e7d92522bea43cb28a37d3570e
MIT krb5 Security Advisory 2011-003
Posted Mar 16, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-003 - The MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication (PKINIT) capability is enabled, resulting in daemon crash or arbitrary code execution (which is believed to be difficult).

tags | advisory, arbitrary, code execution
advisories | CVE-2011-0284
SHA-256 | b0ca25ea27a1f31338f24d60a05c7d8d56f653b8316aaf2ac49d655c3abd9ae7
MIT krb5 Security Advisory 2011-002
Posted Feb 9, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-002 - The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks from unauthenticated remote attackers. CVE-2011-0281 and CVE-2011-0282 occur only in KDCs using LDAP back ends, but CVE-2011-0283 occurs in all krb5-1.9 KDCs.

tags | advisory, remote, denial of service
advisories | CVE-2011-0281, CVE-2011-0282, CVE-2011-0283
SHA-256 | 537effdd39dea6c8a3f21ad5bed3351a69acff15857c7c8386bb0ee6b9b645a5
MIT krb5 Security Advisory 2011-001
Posted Feb 8, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-001 - The MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to a denial-of-service attack triggered by invalid network input. If a kpropd worker process receives invalid input that causes it to exit with an abnormal status, it can cause the termination of the listening process that spawned it, preventing the slave KDC it was running on from receiving database updates from the master KDC.

tags | advisory
advisories | CVE-2010-4022
SHA-256 | 7cf25f2ff026501a57cf8c31911a2fe6b46fe68de815df7baaf8ae13556ff833
MIT krb5 Security Advisory 2010-007
Posted Dec 1, 2010
Site web.mit.edu

Multiple checksum handling vulnerabilities exist in Kerberos. These vulnerabilities are in the MIT implementation of Kerberos (krb5), but because these vulnerabilities arise from flaws in protocol handling logic, other implementations may also be vulnerable.

tags | advisory, vulnerability, protocol
advisories | CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, CVE-2010-4020, CVE-2010-4021
SHA-256 | df6ccc1619d5bc92b3ec89421e803287d181c7ce6fa6677e04ea80150ebc84bb
MIT krb5 Security Advisory 2010-006
Posted Oct 5, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-006 - When the MIT krb5 KDC receives certain Kerberos TGS request messages, it may dereference an uninitialized pointer while processing authorization data, causing a crash, or in rare cases, unauthorized information disclosure, ticket modification, or execution of arbitrary code. The crash may be triggered by legitimate requests. This is an implementation vulnerability in MIT krb5, and not a vulnerability in the Kerberos protocol.

tags | advisory, arbitrary, protocol, info disclosure
advisories | CVE-2010-1322
SHA-256 | f3039556ba2a6b5f444436e40cac97de156ae171ed4baa92a2d04b1d58559192
GSS-API Library Null Pointer Dereference
Posted May 19, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-005 - Certain invalid GSS-API tokens can cause a GSS-API acceptor (server) to crash due to a null pointer dereference in the GSS-API library. This is an implementation vulnerability in MIT krb5, and not a vulnerability in the Kerberos protocol.

tags | advisory, protocol
advisories | CVE-2010-1321
SHA-256 | cc1b8fffda0bffb0aa4a0713ccb004929b6f728de0eb2f7abea453bcbceb2996
KDC Double Free Vulnerability
Posted Apr 20, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-004 - An authenticated remote attacker can crash the KDC by inducing the KDC to perform a double free. Under some circumstances on some platforms, this could also allow malicious code execution. Successfully inducing code execution by exploiting a double free is believed to be difficult, and no such exploits are known to exist for this vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-1320
SHA-256 | 7b328a95b0feb5b66e3e8d9d97e9c430a50cbb70a4a9b3e5635ac7b96fad9238
kadmind Denial Of Service
Posted Apr 7, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-003 - In previous MIT krb5 releases krb5-1.5 through krb5-1.6.3, the Kerberos administration daemon (kadmind) can crash due to referencing freed memory. A legitimate user can trigger this crash by using a newer version of the kadmin protocol than the server supports.

tags | advisory, protocol
advisories | CVE-2010-0629
SHA-256 | 52f15147f99a8b73ce1c76f66321a7b8f7baa3149d7fbbd12a0453ca1dd44b10
SPNEGO Denial Of Service
Posted Mar 23, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-002 - In MIT krb5 releases krb5-1.7 and later, the SPNEGO GSS-API mechanism can experience an assertion failure when receiving certain invalid messages. This can cause a GSS-API application to crash.

tags | advisory
advisories | CVE-2010-0628
SHA-256 | 8b74aaf71f23d59e52c2c5e99d47fcfed5c74bdf28f1258ddc4c501fa74f3d46
MIT krb5 Security Advisory 2010-001
Posted Feb 16, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-001 - Improper input validation in the KDC can cause an assertion failure and process termination. A functional exploit exists, but is not known to be publicly circulated. Releases prior to krb5-1.7 did not contain the vulnerable code. This is an implementation vulnerability in MIT krb5, and is not a vulnerability in the Kerberos protocol.

tags | advisory, protocol
advisories | CVE-2010-0283
SHA-256 | b1bd884f089b3170c3a079bd0375feef10cfbc74b302004b3d4841a87c15c4b9
MIT krb5 Security Advisory 2009-004
Posted Jan 14, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2009-004 - Integer underflow bugs in the AES and RC4 decryption operations of the crypto library of the MIT Kerberos software can cause crashes, heap corruption, or, under extraordinarily unlikely conditions, arbitrary code execution. Only releases krb5-1.3 and later are vulnerable, as earlier releases did not contain the functionality implemented by the vulnerable code.

tags | advisory, arbitrary, cryptography, code execution
advisories | CVE-2009-4212
SHA-256 | 193c3366049395667e47d23e4b590c4d4d8774883250a735de92418983d0d6ec
MIT krb5 Security Advisory 2009-003
Posted Dec 30, 2009
Site web.mit.edu

MIT krb5 Security Advisory 2009-003 - A null pointer dereference can occur in an error condition in the KDC cross-realm referral processing code in MIT krb5-1.7. This can cause the KDC to crash. This is an implementation vulnerability in MIT krb5, and is not a vulnerability in the Kerberos protocol.

tags | advisory, protocol
advisories | CVE-2009-3295
SHA-256 | 492697d164ff8839715b475976bfa5ce3d9f4e7467ed101685ba6316dbd549a1
MIT krb5 Security Advisory 2009-002
Posted Apr 7, 2009
Site web.mit.edu

MIT krb5 Security Advisory 2009-002 - An ASN.1 decoder can free an uninitialized pointer when decoding an invalid encoding. This can cause a Kerberos application to crash, or, under theoretically possible but unlikely circumstances, execute arbitrary malicious code.

tags | advisory, arbitrary
advisories | CVE-2009-0846
SHA-256 | d26cdb51c70ac0de19c2b9607694e8b48c583d10e58fa642b3788316fae5852e
MITKRB5-SA-2008-002.txt
Posted Mar 19, 2008
Site web.mit.edu

MIT krb5 Security Advisory 2008-002 - Two bugs in the RPC library server code, used in the kadmin server, causes an array overrun if too many file descriptors are opened. Memory corruption can result.

tags | advisory, overflow
advisories | CVE-2008-0947, CVE-2008-0948
SHA-256 | babea146a2709b824d53e705a51818ddc0eafaabe79184f098c7bcaae51bc824
MITKRB5-SA-2007-006-2.txt
Posted Sep 6, 2007
Site web.mit.edu

MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected. Updated version of the original advisory with a fixed patch.

tags | advisory, overflow
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | c517f29d3963a74e5996d51015499a26393ca2069f0a85df1eae3889e291d2f7
MITKRB5-SA-2007-006.txt
Posted Sep 5, 2007
Site web.mit.edu

MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected.

tags | advisory, overflow
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | 1a9330f6b961fff2fb28514f62dcab6e7a9f0930d3de7df2541edeccbfb12714
MITKRB5-SA-2007-005.txt
Posted Jun 29, 2007
Site web.mit.edu

MIT krb5 Security Advisory 2007-005 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow.

tags | advisory, overflow
advisories | CVE-2007-2798
SHA-256 | 5915f86c61c9564dc34aa5cb655f913b024147f3860c66cbc95b45eba5a08091
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    19 Files
  • 25
    Jun 25th
    5 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close