CVE-2000-0390Improper Restriction of Operations within the Bounds of a Memory Buffer in Kerberos

5 documents5 sources
Severity
10.0CRITICALNVD
EPSS
8.5%
top 7.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Cygnus Network SecurityCygnus KerbnetMIT Kerberos+2 more
Timeline
PublishedMay 16
Latest updateApr 30

Description

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages5 packages

NVDmit/kerberos4.0
NVDmit/kerberos_51.0, 1.1.1+1
NVDredhat/linux6.2

🔴Vulnerability Details

2
GHSA
GHSA-hw2f-876w-6xvx: Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges2022-04-30
CVEList
CVE-2000-0390: Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges2000-07-12

📋Vendor Advisories

1
Red Hat
security flaw2000-05-16

💬Community

1
Bugzilla
CVE-2000-0390 security flaw2018-08-16
CVE-2000-0390 — MIT Kerberos vulnerability | cvebase