Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5730 | 4 Debian, Fedoraproject, Mit and 1 more | 6 Debian Linux, Fedora, Kerberos 5 and 3 more | 2021-09-30 | 5.5 MEDIUM | 3.8 LOW |
| MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. | |||||
| CVE-2010-1323 | 1 Mit | 2 Kerberos, Kerberos 5 | 2020-01-21 | 2.6 LOW | 3.7 LOW |
| MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. | |||||
| CVE-2010-1324 | 1 Mit | 1 Kerberos 5 | 2020-01-21 | 4.3 MEDIUM | 3.7 LOW |
| MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key. | |||||