Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0549

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0549
Last Modified 10 Sep 2008 03:05:01
Published 09 Jun 2000 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0549

Summary

Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.

Vulnerable Systems

Application

  • Cygnus Kerbnet 5.0

  • Cygnus Network Security 4.0

  • Mit Kerberos 4.0

  • Mit Kerberos 5 1.0

  • Mit Kerberos 5 1.1.1

  • Mit Kerberos 5-1.1


References

CERT - CA-2000-11

BUGTRAQ - 20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC

CONFIRM - http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt

REDHAT - RHSA-2000:031

CIAC - K-051


Last Updated: 27 May 2016 10:35:46