Vulnerability CVE-2003-0072 - CERT Civis.Net

Vulnerability Name:

CVE-2003-0072 (CCN-11582)

Assigned:

2003-03-19

Published:

2003-03-19

Updated:

2020-01-21

Summary:

The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2003-0072

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:639
krb5

Source: CCN
Type: RHSA-2003-051
Updated kerberos packages fix various vulnerabilities

Source: CCN
Type: RHSA-2003-052
krb5 security update

Source: CCN
Type: RHSA-2003-091
Updated kerberos packages fix various vulnerabilities

Source: CCN
Type: RHSA-2003-168
Updated kerberos packages fix various vulnerabilities

Source: CCN
Type: Sun Alert ID: 54042
Solaris/SEAM Kerberos 5 Vulnerability due to Buffer Overflow/Underflow in Principal Name Handling

Source: SUNALERT
Type: UNKNOWN
54042

Source: CCN
Type: MIT krb5 Security Advisory 2003-005
Topic: Buffer overrun and underrun in principal name handling

Source: CONFIRM
Type: Patch, Vendor Advisory
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt

Source: CCN
Type: MIT krb5 Release 1.2 Web site
Kerberos 5 Release 1.2

Source: CCN
Type: CIAC Information Bulletin N-062
MIT krb5 Buffer overrun and underrun in Principal Name Handling

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-266

Source: DEBIAN
Type: DSA-266
krb5 -- several vulnerabilities

Source: CCN
Type: Immunix OS Security Advisory IMNX-2003-7+-007-01
Kerberos 5

Source: REDHAT
Type: UNKNOWN
RHSA-2003:051

Source: REDHAT
Type: UNKNOWN
RHSA-2003:052

Source: BUGTRAQ
Type: UNKNOWN
20030331 GLSA: krb5 & mit-krb5 (200303-28)

Source: BID
Type: UNKNOWN
7184

Source: CCN
Type: BID-7184
MIT Kerberos 5 Principal Name Buffer Overflow Vulnerability

Source: CCN
Type: TLSA-2003-29
Multiple vulnerabilities in krb5

Source: XF
Type: UNKNOWN
kerberos-principal-name-bo(11582)

Vulnerable Configuration:

Configuration 1:

cpe:/a:mit:kerberos:1.0:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2:-:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mit:kerberos_5:1.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2:-:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*

AND

cpe:/o:sun:solaris:8::sparc:*:*:*:*:*

OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*

OR cpe:/a:sun:seam:1.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*

OR cpe:/a:sun:seam:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:sun:seam:1.0.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.2::ppc:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.debian:def:266	V	several vulnerabilities	2003-03-24