Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0434

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0434
Last Modified 10 Sep 2008 03:26:23
Published 07 Jul 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0434

Summary

k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.

Vulnerable Systems

Application

  • Kth Heimdal


References

XF - heimdal-kadmind-bo(16071)

DEBIAN - DSA-504

GENTOO - GLSA-200405-23

BUGTRAQ - 20040505 Advisory: Heimdal kadmind version4 remote heap overflow

FULLDISC - 20040506 Advisory: Heimdal kadmind version4 remote heap overflow

FREEBSD - FreeBSD-SA-04:09


Last Updated: 27 May 2016 10:38:36