MidnightBSD

Advisories for cygnus

CVE-2000-0389 HIGH

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.0
mit kerberos 4.0
mit kerberos_5 1.1.1
cygnus kerbnet 5.0
redhat linux 6.2
cygnus cygnus_network_security 4.0
CVE-2000-0390 HIGH

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.0
mit kerberos 4.0
mit kerberos_5 1.1.1
cygnus kerbnet 5.0
redhat linux 6.2
cygnus cygnus_network_security 4.0
CVE-2000-0391 HIGH

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.0
mit kerberos 4.0
mit kerberos_5 1.1.1
cygnus kerbnet 5.0
redhat linux 6.2
cygnus cygnus_network_security 4.0
CVE-2000-0392 HIGH

Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.0
mit kerberos 4.0
mit kerberos_5 1.1.1
cygnus kerbnet 5.0
redhat linux 6.2
cygnus cygnus_network_security 4.0
CVE-2000-0549 MEDIUM

Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.0
mit kerberos 4.0
mit kerberos_5 1.1
mit kerberos_5 1.1.1
cygnus kerbnet 5.0
cygnus cygnus_network_security 4.0
CVE-2000-0550 MEDIUM

Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.0
mit kerberos 4.0
mit kerberos_5 1.1
mit kerberos_5 1.1.1
cygnus kerbnet 5.0
cygnus cygnus_network_security 4.0