|Max CVSS||10.0||Min CVSS||4.3||Total Count||4|
|ID||CVSS||Summary||Last (major) update||Published|
Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.
|06-09-2011 - 22:43||18-03-2008 - 20:44|
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer derefe
|06-09-2011 - 22:41||19-03-2008 - 06:44|
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
|07-03-2011 - 22:01||05-12-2007 - 21:46|
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
|07-03-2011 - 00:00||19-03-2008 - 06:44|