CVE-2002-1235

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

La función kadm_ser en
el demonio de administración de compatibildad de Kerberos v4 (kadmind4) en el MIT Kerberos 5 (krb5) krb5-1.2.6 y anteriores
kadmind en KTH Kerberos 4 (eBones) anteriores a 1.2.1, y
kadmind en KTH Kerberos 5 (Heimdal) anteriores a 0.5.1
compilados con soporte de Kerberos 4, no verifica adecuadamente la longitud de un campo de petición, lo que permite a atacantes remotos ejecutar código arbitrario mediante un ataque de desbordamiento de búfer.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2002-10-24 CVE Reserved
2002-10-25 CVE Published
2023-08-23 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (21)

URL	Tag	Source
http://archives.neohapsis.com/archives/bugtraq/2002-10/0399.html	Mailing List
http://marc.info/?l=bugtraq&m=103539530729206&w=2	Mailing List
http://marc.info/?l=bugtraq&m=103564944215101&w=2	Mailing List
http://marc.info/?l=bugtraq&m=103582517126392&w=2	Mailing List
http://marc.info/?l=bugtraq&m=103582805330339&w=2	Mailing List
http://www.iss.net/security_center/static/10430.php	Third Party Advisory
http://www.kb.cert.org/vuls/id/875073	Third Party Advisory
http://www.pdc.kth.se/heimdal	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://www.cert.org/advisories/CA-2002-29.html	2020-01-21
http://www.debian.org/security/2002/dsa-184	2020-01-21
http://www.securityfocus.com/bid/6024	2020-01-21

URL	Date	SRC
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-026.txt.asc	2020-01-21
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000534	2020-01-21
http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt	2020-01-21
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt	2020-01-21
http://www.debian.org/security/2002/dsa-183	2020-01-21
http://www.debian.org/security/2002/dsa-185	2020-01-21
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-073.php	2020-01-21
http://www.redhat.com/support/errata/RHSA-2002-242.html	2020-01-21
https://access.redhat.com/security/cve/CVE-2002-1235	2003-04-29
https://bugzilla.redhat.com/show_bug.cgi?id=1616862	2003-04-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Kth Search vendor "Kth"		Kth Kerberos 4 Search vendor "Kth" for product "Kth Kerberos 4"				< 1.2.1 Search vendor "Kth" for product "Kth Kerberos 4" and version " < 1.2.1"		-		Affected
Kth Search vendor "Kth"		Kth Kerberos 5 Search vendor "Kth" for product "Kth Kerberos 5"				< 0.5.1 Search vendor "Kth" for product "Kth Kerberos 5" and version " < 0.5.1"		-		Affected
Mit Search vendor "Mit"		Kerberos 5 Search vendor "Mit" for product "Kerberos 5"				>= 1.0 <= 1.2.6 Search vendor "Mit" for product "Kerberos 5" and version " >= 1.0 <= 1.2.6"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				3.0 Search vendor "Debian" for product "Debian Linux" and version "3.0"		-		Affected