
CVE-2004-0434

Published: 07/07/2004 Updated: 02/02/2024
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

k5admind (kadmind) for Heimdal allows remote malicious users to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.

Vulnerable Product

heimdal project heimdal

debian debian linux 3.0

Vendor Advisories

Evgeny Demidov discovered a potential buffer overflow in a Kerberos 4 component of heimdal, a free implementation of Kerberos 5. The problem is present in kadmind, a server for administrative access to the Kerberos database. This problem could perhaps be exploited to cause the daemon to read a negative amount of data which could lead to unexpected ...