MIT » Kerberos 5 : Security Vulnerabilities, CVEs, Published In 2003 (Denial of service)
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").
Max CVSS
5.0
EPSS Score
2.10%
Published
2003-04-02
Updated
2020-01-21
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").
Max CVSS
5.0
EPSS Score
1.40%
Published
2003-04-02
Updated
2020-01-21
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.
Max CVSS
7.5
EPSS Score
8.84%
Published
2003-02-19
Updated
2020-01-21
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
Max CVSS
5.0
EPSS Score
2.03%
Published
2003-02-19
Updated
2020-01-21
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
Max CVSS
5.0
EPSS Score
8.35%
Published
2003-02-19
Updated
2020-01-21
5 vulnerabilities found