Information on source package krb5

Available versions

Release           Version
wheezy, wheezy    1.10.1+dfsg-5+deb7u1
jessie, sid       1.12.1+dfsg-1
squeeze, squeeze  1.8.3+dfsg-4squeeze7

Open issues

Bug            wheezy      jessie  sid    squeeze     Description
CVE-2011-4151  fixed       fixed   fixed  vulnerable  The krb5_db2_lockout_audit function in the Key Distribution Center ...
CVE-2012-1013  fixed       fixed   fixed  vulnerable  The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in ...
CVE-2013-1415  fixed       fixed   fixed  vulnerable  The pkinit_check_kdc_pkid function in ...
CVE-2013-1416  fixed       fixed   fixed  vulnerable  The prep_reprocess_req function in do_tgs_req.c in the Key ...
CVE-2013-1418  vulnerable  fixed   fixed  vulnerable  The setup_server_realm function in main.c in the Key Distribution ...

Open unimportant issues

Bug            wheezy      jessie      sid         squeeze     Description
CVE-2004-0971  vulnerable  vulnerable  vulnerable  vulnerable  The krb5-send-pr script in the kerberos5 (krb5) package in Trustix ...

Resolved issues

Bug            Description
CVE-2002-0391  Integer overflow in xdr_array function in RPC servers for operating ...
CVE-2002-1235  The kadm_ser_in function in (1) the Kerberos v4 compatibility ...
CVE-2002-2443  schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...
CVE-2003-0028  Integer overflow in the xdrmem_getbytes() function, and possibly other ...
CVE-2003-0041  Kerberos FTP client allows remote FTP sites to execute arbitrary code ...
CVE-2003-0058  MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows ...
CVE-2003-0059  Unknown vulnerability in the chk_trans.c of the libkrb5 library for ...
CVE-2003-0060  Format string vulnerabilities in the logging routines for MIT Kerberos ...
CVE-2003-0072  The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and ...
CVE-2003-0082  The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and ...
CVE-2003-0138  Version 4 of the Kerberos protocol (krb4), as used in Heimdal and ...
CVE-2003-0139  Certain weaknesses in the implementation of version 4 of the Kerberos ...
CVE-2004-0523  Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos ...
CVE-2004-0642  Double free vulnerabilities in the error handling code for ASN.1 ...
CVE-2004-0643  Double free vulnerability in the krb5_rd_cred function for MIT ...
CVE-2004-0644  The asn1buf_skiptail function in the ASN.1 decoder library for MIT ...
CVE-2004-0772  Double free vulnerabilities in error handling code in krb524d for MIT ...
CVE-2004-1189  The add_to_history function in svr_principal.c in libkadm5srv for MIT ...
CVE-2005-0468  Heap-based buffer overflow in the env_opt_add function in telnet.c for ...
CVE-2005-0469  Buffer overflow in the slc_add_reply function in various BSD-based ...
CVE-2005-0488  Certain BSD-based Telnet clients, including those used on Solaris and ...
CVE-2005-1174  MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) ...
CVE-2005-1175  Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT ...
CVE-2005-1689  Double free vulnerability in the krb5_recvauth function in MIT ...
CVE-2006-3083  The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) ...
CVE-2006-3084  The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to ...
CVE-2006-6143  The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through ...
CVE-2006-6144  The "mechglue" abstraction interface of the GSS-API library for ...
CVE-2007-0956  The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote ...
CVE-2007-0957  Stack-based buffer overflow in the krb5_klog_syslog function in the ...
CVE-2007-1216  Double free vulnerability in the GSS-API library ...
CVE-2007-2442  The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos ...
CVE-2007-2443  Integer signedness error in the gssrpc__svcauth_unix function in ...
CVE-2007-2798  Stack-based buffer overflow in the rename_principal_2_svc function in ...
CVE-2007-3999  Stack-based buffer overflow in the svcauth_gss_validate function in ...
CVE-2007-4000  The kadm5_modify_policy_internal function in ...
CVE-2007-4743  The original patch for CVE-2007-3999 in svc_auth_gss.c in the ...
CVE-2007-5894  ** DISPUTED ** ...
CVE-2007-5901  Use-after-free vulnerability in the gss_indicate_mechs function in ...
CVE-2007-5902  Integer overflow in the svcauth_gss_get_principal function in ...
CVE-2007-5971  Double free vulnerability in the gss_krb5int_make_seal_token_v3 ...
CVE-2007-5972  Double free vulnerability in the krb5_def_store_mkey function in ...
CVE-2008-0062  KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for ...
CVE-2008-0063  The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not ...
CVE-2008-0947  Buffer overflow in the RPC library used by libgssrpc and kadmind in ...
CVE-2008-0948  Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by ...
CVE-2009-0844  The get_input_token function in the SPNEGO implementation in MIT ...
CVE-2009-0845  The spnego_gss_accept_sec_context function in ...
CVE-2009-0846  The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c ...
CVE-2009-0847  The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka ...
CVE-2009-3295  The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm ...
CVE-2009-4212  Multiple integer underflows in the (1) AES and (2) RC4 decryption ...
CVE-2010-0283  The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...
CVE-2010-0628  The spnego_gss_accept_sec_context function in ...
CVE-2010-0629  Use-after-free vulnerability in kadmin/server/server_stubs.c in ...
CVE-2010-1320  Double free vulnerability in do_tgs_req.c in the Key Distribution ...
CVE-2010-1321  The kg_accept_krb5 function in krb5/accept_sec_context.c in the ...
CVE-2010-1322  The merge_authdata function in kdc_authdata.c in the Key Distribution ...
CVE-2010-1323  MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x ...
CVE-2010-1324  MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not ...
CVE-2010-4020  MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 ...
CVE-2010-4021  The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...
CVE-2010-4022  The do_standalone function in the MIT krb5 KDC database propagation ...
CVE-2011-0281  The unparse implementation in the Key Distribution Center (KDC) in MIT ...
CVE-2011-0282  The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x ...
CVE-2011-0283  The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 ...
CVE-2011-0284  Double free vulnerability in the prepare_error_as function in ...
CVE-2011-0285  The process_chpw_request function in schpw.c in the password-changing ...
CVE-2011-1527  The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT ...
CVE-2011-1528  The krb5_ldap_lockout_audit function in the Key Distribution Center ...
CVE-2011-1529  The lookup_lockout_policy function in the Key Distribution Center ...
CVE-2011-1530  The process_tgs_req function in do_tgs_req.c in the Key Distribution ...
CVE-2011-4862  Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 ...
CVE-2012-1012  server/server_stubs.c in the kadmin protocol implementation in MIT ...
CVE-2012-1014  The process_as_req function in the Key Distribution Center (KDC) in ...
CVE-2012-1015  The kdc_handle_protected_negotiation function in the Key Distribution ...
CVE-2012-1016  The pkinit_server_return_padata function in ...
CVE-2013-1417  do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 ...

Security announcements

DSA         Description
DSA-2701-1  krb5 - denial of service
DSA-2518-1  krb5 - denial of service
DSA-2379-1  krb5 - several
DSA-2375-1  krb5 - buffer overflow
DSA-2129-1  krb5 - checksum verification weakness
DSA-2052-1  krb5 - denial of service
DSA-2031-1  krb5 - denial of service
DSA-1969-1  krb5 - denial of service
DSA-1766-1  krb5 - several vulnerabilities
DSA-1524-1  krb5 - multiple vulnerabilities
DSA-1367-1  krb5 - arbitrary code execution
DSA-1323-1  krb5
DSA-1276-1  krb5 - several vulnerabilities
DSA-1146-1  krb5 - programming error
DSA-757-1   krb5 - buffer overflow, double-free memory
DSA-703-1   krb5 - buffer overflows
DSA-629-1   krb5 - buffer overflow
DSA-543-1   krb5 -- several vulnerabilities
DSA-520     krb5 - buffer overflows
DSA-266     krb5 - several vulnerabilities
DSA-183     krb5 - buffer overflow
DSA-143     krb5 - integer overflow
