VULHUB ™

CERT Advisory CA-2000-06 - Multiple Buffer Overflows in MIT Kerberos Authenticated Services. Several buffer overflow vulnerabilities exist in the Kerberos authentication software version 4, including implementations included for backwards compatibility in Kerberos 5 implementations. The most severe vulnerability allows remote intruders to gain root privileges on systems running services using Kerberos authentication. If vulnerable services are enabled on the Key Distribution Center (KDC) system, the entire Kerberos domain may be compromised. All known Kerberos 4 implementations derived from MIT sources are believed to be vulnerable. krshd has a remote root vulnerability and v4rcp and ksu have local vulnerabilities. MIT Kerberos team advisory here.

CERT Advisory CA-2000-06 - Multiple Buffer Overflows in MIT Kerberos Authenticated Services. Several buffer overflow vulnerabilities exist in the Kerberos authentication software version 4, including implementations included for backwards compatibility in Kerberos 5 implementations. The most severe vulnerability allows remote intruders to gain root privileges on systems running services using Kerberos authentication. If vulnerable services are enabled on the Key Distribution Center (KDC) system, the entire Kerberos domain may be compromised. All known Kerberos 4 implementations derived from MIT sources are believed to be vulnerable. krshd has a remote root vulnerability and v4rcp and ksu have local vulnerabilities. MIT Kerberos team advisory here.