Description
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
References (6)
Core 6
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2000-11.html
Broken Link third-party-advisory
government-resource
x_refsource_ciac
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml
Broken Link mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Patch, Vendor Advisory x_refsource_confirm
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-031.html
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/4875
Scores
EPSS
0.0342
EPSS Percentile
87.5%
Details
CWE
CWE-120
Status
published
Products (7)
cygnus_network_security_project/cygnus_network_security
kerbnet_project/kerbnet
mit/kerberos
4.0 (2 CPE variants)
mit/kerberos
< 4.0
mit/kerberos_5
1.1
mit/kerberos_5
1.1.1
mit/kerberos_5
1.0 - 1.0.7
Published
Jun 09, 2000
Tracked Since
Feb 18, 2026