CVE

Id
6889  
CVE No.
CVE-2003-0060  
Status
Candidate  
Description
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.  
Phase
Modified (20040818)  
Votes
ACCEPT(2) Baker, Green | MODIFY(2) Cox, Frech | NOOP(2) Cole, Wall  
Comments
Cox> This is actually fixed in krb5 version 1.2.4 not 1.2.5 | Frech> XF:kerberos-kdc-format-string(11189)  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
39375 6889 CVE-2003-0060 CONFIRM:http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt  View
39376 6889 CVE-2003-0060 CONECTIVA:CLSA-2003:639  View
39377 6889 CVE-2003-0060 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000639  View
39378 6889 CVE-2003-0060 CERT-VN:VU#787523  View
39379 6889 CVE-2003-0060 URL:http://www.kb.cert.org/vuls/id/787523  View
39380 6889 CVE-2003-0060 BID:6712  View
39381 6889 CVE-2003-0060 URL:http://www.securityfocus.com/bid/6712  View
39382 6889 CVE-2003-0060 XF:kerberos-kdc-format-string(11189)  View
39383 6889 CVE-2003-0060 URL:http://xforce.iss.net/xforce/xfdb/11189  View
39384 6889 CVE-2003-0060 OSVDB:4879  View

Related JVN