Description
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.
References (5)
Core 5
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2000-11.html
Broken Link third-party-advisory
government-resource
x_refsource_ciac
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1338
Broken Link mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Patch, Vendor Advisory x_refsource_confirm
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt
Scores
EPSS
0.0258
EPSS Percentile
85.7%
Details
CWE
CWE-120
Status
published
Products (7)
cygnus_network_security_project/cygnus_network_security
kerbnet_project/kerbnet
mit/kerberos
4.0 (2 CPE variants)
mit/kerberos
< 4.0
mit/kerberos_5
1.1
mit/kerberos_5
1.1.1
mit/kerberos_5
1.0 - 1.0.7
Published
Jun 09, 2000
Tracked Since
Feb 18, 2026