Approved changes feed: RSS · Atom
cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mit (82b7f5d9-694f-5ac9-86aa-26958677636b) |
|---|---|
| Product | Krb5 Appl (01e99cf6-6fca-5f44-bbda-1288e1668ba3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/krb5/krb5-appl |
purl2cpe | 2026-06-01 10:16:02.465844 |
pkg:rpm/opensuse/krb5-appl |
purl2cpe | 2026-06-01 10:16:02.465846 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-25018 |
vulnerable | 2026-06-08 05:13:41.812363 |
Details available
In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
Published: 2021-02-02T17:23:31.000Z
Updated: 2024-08-05T03:00:18.816Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-25017 |
vulnerable | 2026-06-08 05:13:41.811855 |
Details available
An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
Published: 2021-02-02T17:23:58.000Z
Updated: 2024-08-05T03:00:18.924Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4862 |
vulnerable | 2026-06-08 04:59:33.315872 |
Details available
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Published: 2011-12-25T01:00:00.000Z
Updated: 2024-08-07T00:16:35.035Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-1526 |
vulnerable | 2026-06-08 04:58:00.153264 |
Details available
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.
Published: 2011-07-11T20:00:00.000Z
Updated: 2024-08-06T22:28:41.820Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.