Buffer Overflow in Kerberos 4 KDC Program by MIT
CVE-2000-0548

Currently unrated

Key Information:

Vendor: MIT

CVE Published: 9 June 2000

What is CVE-2000-0548?

The Kerberos 4 Key Distribution Center (KDC) program contains a buffer overflow vulnerability that can be exploited by remote attackers. The overflow affects the e_msg variable in the kerb_err_reply function: a specially crafted message can overflow the buffer, potentially causing a denial of service. Successful exploitation may disrupt the availability of the KDC service and, with it, authentication for users on the network. Organizations using Kerberos 4 should apply the appropriate patches and mitigations to protect against this attack vector.
