Vulnerability Name:

CVE-2000-0392 (CCN-4522)

Assigned:2000-05-16
Published:2000-05-16
Updated:2020-01-21
Summary:Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-00:20
krb5 port contains remote and local root exploits.

Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-00:33
kerberosIV distribution contains multiple vulnerabilities under FreeBSD 3.x

Source: BUGTRAQ
Type: UNKNOWN
20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-00:20

Source: MITRE
Type: CNA
CVE-2000-0392

Source: CCN
Type: RHSA-2000:025-08
Kerberos 5 packages

Source: CCN
Type: Kerberos Security Advisory
BUFFER OVERRUN VULNERABILITIES IN KERBEROS

Source: CCN
Type: Kerberos: The Network Authentication Protocol
Kerberos Distribution Authorization Form

Source: CCN
Type: CERT Advisory CA-2000-06
Multiple Buffer Overflows in Kerberos Authenticated Services

Source: CERT
Type: Third Party Advisory, US Government Resource
CA-2000-06

Source: CCN
Type: CIAC Information Bulletin K-043b
Buffer Overrun Vulnerabilities in Kerberos

Source: CCN
Type: US-CERT VU#38336
MIT Kerberos 5 ksu may allow either the `-r` or `-l` time-interval parameter to overflow the stack with the characters ``d`, `h`, `m`, or `s`

Source: CCN
Type: OSVDB ID: 4872
MIT Kerberos ksu Local Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2000:025

Source: BID
Type: UNKNOWN
1220

Source: CCN
Type: BID-1220
Multiple Vendor Kerberos 5/Kerberos 4 Compatibility krb_rd_req() Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
kerberos-ksu-bo(4522)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:redhat:linux:6.2:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:sparc:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
  • AND
  • cpe:/a:cygnus:kerbnet:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cygnus cygnus network security 4.0
    cygnus kerbnet 5.0
    mit kerberos 4.0
    mit kerberos 5 1.0
    mit kerberos 5 1.1.1
    redhat linux 6.2
    redhat linux 6.2
    redhat linux 6.2
    mit kerberos 5 1.1
    mit kerberos 5 1.1.1
    mit kerberos 5 1.0 -
    cygnus kerbnet *