Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2003-0060
Last Modified 05 Sep 2008 04:33:21
Published 19 Feb 2003 12:00:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0060

Summary

Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.

Vulnerable Systems

Application

  • MIT Kerberos 5-1.2.1
  • MIT Kerberos 5-1.2.2
  • MIT Kerberos 5-1.2.3
  • MIT Kerberos 5-1.2.4


References

CERT-VN - VU#787523

BID - 6712

CONFIRM - http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt

XF - kerberos-kdc-format-string(11189)

OSVDB - 4879

CONECTIVA - CLSA-2003:639


Last Updated: 27 May 2016 10:37:46