Buffer Overflow Vulnerability in Kerberos 4 KDC Program by MIT
CVE-2000-0546

Currently unrated

Key Information:

Vendor: Mit
Status: Kerberos 5; Kerberos; Cygnus Network Security; Kerbnet
Vendor: CVE Published:; 9 June 2000

What is CVE-2000-0546?

A buffer overflow vulnerability exists in the Kerberos 4 Key Distribution Center (KDC) program, specifically manifesting in the lastrealm variable within the set_tgtkey function. This flaw enables remote attackers to exploit the backend processes of the KDC, potentially causing service disruptions. By crafting specific input that exceeds the allocated buffer size, attackers can manipulate memory, leading to application crashes or unpredictable behavior.

References

http://www.cert.org/advisories/CA-2000-11.html

third-party-advisoryx_refsource_CERT

http://ciac.llnl.gov/ciac/bulletins/k-051.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

http://www.securityfocus.com/bid/1338

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jul 11, 2000
Vulnerability published
Jun 9, 2000

CVE-2000-0546 Data

JSON

Mit

What is CVE-2000-0546?

References

Timeline