Pam Krb5project Pam Krb5
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Pam Krb5project Pam Krb5.
By the Year
In 2025 there have been 0 vulnerabilities in Pam Krb5project Pam Krb5. Pam Krb5 did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 1 | 9.80 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Pam Krb5 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pam Krb5project Pam Krb5 Security Vulnerabilities
pam-krb5 before 4.9 has a buffer overflow
CVE-2020-10595
9.8 - Critical
- March 31, 2020
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Pam Krb5project? Click the Watch button to subscribe.
