Search for packages
| purl | pkg:deb/debian/krb5@1.15-1%2Bdeb9u1 |
| Next non-vulnerable version | 1.20.1-2+deb12u4 |
| Latest non-vulnerable version | 1.20.1-2+deb12u4 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3y1h-rrkp-u3a8
Aliases: CVE-2021-36222 |
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. |
Affected by 9 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-66s2-r7xt-pbhs
Aliases: CVE-2018-5729 |
krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data |
Affected by 9 other vulnerabilities. |
|
VCID-6u99-q9jp-uufv
Aliases: CVE-2023-36054 |
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. |
Affected by 2 other vulnerabilities. |
|
VCID-9kmm-hwaq-87bq
Aliases: CVE-2018-5710 |
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client. |
Affected by 9 other vulnerabilities. |
|
VCID-9m1b-dbbz-27dq
Aliases: CVE-2025-24528 |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
|
VCID-htwj-z8xz-puh7
Aliases: CVE-2025-3576 |
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-kpgs-tn61-1kem
Aliases: CVE-2022-42898 |
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug." |
Affected by 2 other vulnerabilities. |
|
VCID-nvmc-771t-mkbj
Aliases: CVE-2017-11368 |
krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure |
Affected by 9 other vulnerabilities. |
|
VCID-q4c8-fse8-j7ce
Aliases: CVE-2024-37371 |
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. |
Affected by 2 other vulnerabilities. |
|
VCID-qkq7-7am9-hqf5
Aliases: CVE-2017-11462 |
krb5: Automatic sec context deletion could lead to double-free |
Affected by 9 other vulnerabilities. |
|
VCID-u2uu-f7z6-v3fy
Aliases: CVE-2017-15088 |
Affected by 9 other vulnerabilities. |
|
|
VCID-uf2z-s3w4-y7ep
Aliases: CVE-2018-5730 |
krb5: DN container check bypass by supplying special crafted data |
Affected by 9 other vulnerabilities. |
|
VCID-ugjs-k8a1-sue3
Aliases: CVE-2021-37750 |
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. |
Affected by 2 other vulnerabilities. |
|
VCID-wrs3-g5e3-8kbu
Aliases: CVE-2018-20217 |
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request. |
Affected by 9 other vulnerabilities. |
|
VCID-yseg-9x35-4kfk
Aliases: CVE-2020-28196 |
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. |
Affected by 9 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-z6g5-ha7v-9fdk
Aliases: CVE-2024-37370 |
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. |
Affected by 2 other vulnerabilities. |