{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2003-0072", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka \"array overrun\")." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20030331 GLSA: krb5 & mit-krb5 (200303-28)", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/316960/30/25250/threaded" }, { "name" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt", "refsource" : "CONFIRM", "url" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt" }, { "name" : "DSA-266", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2003/dsa-266" }, { "name" : "RHSA-2003:051", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2003-051.html" }, { "name" : "RHSA-2003:052", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2003-052.html" }, { "name" : "54042", "refsource" : "SUNALERT", "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-54042-1" }, { "name" : "7184", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/7184" } ] } }