CVE-2002-0036
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/02/2003
Last modified:
03/04/2025
Description
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000639
- http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt
- http://www.kb.cert.org/vuls/id/587579
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003%3A043
- http://www.osvdb.org/4896
- http://www.redhat.com/support/errata/RHSA-2003-051.html
- http://www.redhat.com/support/errata/RHSA-2003-052.html
- http://www.redhat.com/support/errata/RHSA-2003-168.html
- http://www.securityfocus.com/bid/6713
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11190
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000639
- http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt
- http://www.kb.cert.org/vuls/id/587579
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003%3A043
- http://www.osvdb.org/4896
- http://www.redhat.com/support/errata/RHSA-2003-051.html
- http://www.redhat.com/support/errata/RHSA-2003-052.html
- http://www.redhat.com/support/errata/RHSA-2003-168.html
- http://www.securityfocus.com/bid/6713
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11190