CVE-2004-0523

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

Affected Software

Name	Vendor	Start Version	End Version
Kerberos	Mit	1.0 (including)	1.0 (including)
Kerberos	Mit	1.0.8 (including)	1.0.8 (including)
Kerberos	Mit	1.2.2.beta1 (including)	1.2.2.beta1 (including)
Kerberos_5	Mit	1.0 (including)	1.0 (including)
Kerberos_5	Mit	1.0.6 (including)	1.0.6 (including)
Kerberos_5	Mit	1.1 (including)	1.1 (including)
Kerberos_5	Mit	1.1.1 (including)	1.1.1 (including)
Kerberos_5	Mit	1.2 (including)	1.2 (including)
Kerberos_5	Mit	1.2-beta1 (including)	1.2-beta1 (including)
Kerberos_5	Mit	1.2-beta2 (including)	1.2-beta2 (including)
Kerberos_5	Mit	1.2.1 (including)	1.2.1 (including)
Kerberos_5	Mit	1.2.2 (including)	1.2.2 (including)
Kerberos_5	Mit	1.2.3 (including)	1.2.3 (including)
Kerberos_5	Mit	1.2.4 (including)	1.2.4 (including)
Kerberos_5	Mit	1.2.5 (including)	1.2.5 (including)
Kerberos_5	Mit	1.2.6 (including)	1.2.6 (including)
Kerberos_5	Mit	1.2.7 (including)	1.2.7 (including)
Kerberos_5	Mit	1.3 (including)	1.3 (including)
Kerberos_5	Mit	1.3-alpha1 (including)	1.3-alpha1 (including)
Kerberos_5	Mit	1.3.3 (including)	1.3.3 (including)
Propack	Sgi	2.4 (including)	2.4 (including)
Propack	Sgi	3.0 (including)	3.0 (including)
Seam	Sun	1.0 (including)	1.0 (including)
Seam	Sun	1.0.1 (including)	1.0.1 (including)
Seam	Sun	1.0.2 (including)	1.0.2 (including)
Tinysofa_enterprise_server	Tinysofa	1.0 (including)	1.0 (including)
Tinysofa_enterprise_server	Tinysofa	1.0_u1 (including)	1.0_u1 (including)
Red Hat Enterprise Linux 3	RedHat	krb5-0:1.2.7-24	*
Krb5	Ubuntu	dapper	*
Krb5	Ubuntu	devel	*
Krb5	Ubuntu	edgy	*
Krb5	Ubuntu	feisty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0523
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References