Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
2000-06-09T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cygnus | cygnus_network_security | 4.0 | Yes |
| Application | cygnus | kerbnet | 5.0 | Yes |
| Application | mit | kerberos | 4.0 | Yes |
| Application | mit | kerberos_5 | 1.0 | Yes |
| Application | mit | kerberos_5 | 1.1 | Yes |
| Application | mit | kerberos_5 | 1.1.1 | Yes |