The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

Threat-Mapped Scoring

Score: 1.9

Priority: P3 - Important (Medium)

• S9 – Sabotage of System/App
• S10 – Denial of Service (+0.1 bonus)

EPSS

Score: 0.32917
Percentile: 0.96689

CVSS Scoring

Affected Products

• cpe:2.3:a:kth:kth_kerberos_4:*:*:*:*:*:*:*:*
• cpe:2.3:a:kth:kth_kerberos_5:*:*:*:*:*:*:*:*
• cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
• cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

← Back to Home