k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
References
Link | Resource |
---|---|
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc | Broken Link Third Party Advisory |
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020998.html | Broken Link Third Party Advisory |
http://marc.info/?l=bugtraq&m=108386148126457&w=2 | Mailing List |
http://security.gentoo.org/glsa/glsa-200405-23.xml | Third Party Advisory |
http://www.debian.org/security/2004/dsa-504 | Broken Link Patch Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16071 | Third Party Advisory VDB Entry |
Configurations
History
02 Feb 2024, 03:05
Type | Values Removed | Values Added |
---|---|---|
References | () ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc - Broken Link, Third Party Advisory | |
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020998.html - Broken Link, Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=108386148126457&w=2 - Mailing List | |
References | () http://www.debian.org/security/2004/dsa-504 - Broken Link, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CWE | CWE-131 |
Information
Published : 2004-07-07 04:00
Updated : 2024-02-02 03:05
NVD link : CVE-2004-0434
Mitre link : CVE-2004-0434
CVE.ORG link : CVE-2004-0434
JSON object : View
Products Affected
heimdal_project
- heimdal
debian
- debian_linux
CWE
CWE-131
Incorrect Calculation of Buffer Size