Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cygnus_network_security | Cygnus | 4.0 (including) | 4.0 (including) |
| Kerbnet | Cygnus | 5.0 (including) | 5.0 (including) |
| Kerberos | Mit | 4.0 (including) | 4.0 (including) |
| Kerberos_5 | Mit | 1.0 (including) | 1.0 (including) |
| Kerberos_5 | Mit | 1.1.1 (including) | 1.1.1 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
- http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
- http://www.cert.org/advisories/CA-2000-06.html
- http://www.osvdb.org/4884
- http://www.redhat.com/support/errata/RHSA-2000-025.html
- http://www.securityfocus.com/bid/1220
- http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
- http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
- http://www.cert.org/advisories/CA-2000-06.html
- http://www.osvdb.org/4884
- http://www.redhat.com/support/errata/RHSA-2000-025.html
- http://www.securityfocus.com/bid/1220