Lucene search

GoogleOSV:DSA-629-1

HistoryJan 07, 2005 - 12:00 a.m.

krb5 - buffer overflow

2005-01-0700:00:00

Google

osv.dev

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

A buffer overflow has been discovered in the MIT Kerberos 5
administration library (libkadm5srv) that could lead to the execution
of arbitrary code upon exploitation by an authenticated user, not
necessarily one with administrative privileges.

For the stable distribution (woody) this problem has been fixed in
version 1.2.4-5woody7.

For the unstable distribution (sid) this problem has been fixed in
version 1.3.6-1.

We recommend that you upgrade your krb5 packages.

CPENameOperatorVersion
krb5eq1.2.4-5woody6

CPE	Name	Operator	Version
	krb5	eq	1.2.4-5woody6

References

www.debian.org/security/2005/dsa-629

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for OSV:DSA-629-1