CVE-2000-0546
Severity:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
09/06/2000
Last modified:
02/02/2021
Description
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:cygnus_network_security_project:cygnus_network_security:-:*:*:*:*:*:*:* | ||
cpe:2.3:a:kerbnet_project:kerbnet:-:*:*:*:*:*:*:* | ||
cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:* | 4.0 (excluding) | |
cpe:2.3:a:mit:kerberos:4.0:-:*:*:*:*:*:* | ||
cpe:2.3:a:mit:kerberos:4.0:patch10:*:*:*:*:*:* | ||
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:* | 1.0 (including) | 1.0.7 (including) |
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page