mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
153 lines
5.1 KiB
JSON
153 lines
5.1 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2002-1235",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20021023 MITKRB5-SA-2002-002: Buffer overflow in kadmind4",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=103539530729206&w=2"
|
|
},
|
|
{
|
|
"name" : "20021027 Re: Buffer overflow in kadmind4",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=103582805330339&w=2"
|
|
},
|
|
{
|
|
"name" : "20021026 Updated: MITKRB5-SA-2002-002: Buffer overflow in kadmind4",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=103564944215101&w=2"
|
|
},
|
|
{
|
|
"name" : "CA-2002-29",
|
|
"refsource" : "CERT",
|
|
"url" : "http://www.cert.org/advisories/CA-2002-29.html"
|
|
},
|
|
{
|
|
"name" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt"
|
|
},
|
|
{
|
|
"name" : "http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://web.mit.edu/kerberos/www/advisories/2002-002-kadm4_attacksig.txt"
|
|
},
|
|
{
|
|
"name" : "http://www.pdc.kth.se/heimdal/",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.pdc.kth.se/heimdal/"
|
|
},
|
|
{
|
|
"name" : "VU#875073",
|
|
"refsource" : "CERT-VN",
|
|
"url" : "http://www.kb.cert.org/vuls/id/875073"
|
|
},
|
|
{
|
|
"name" : "MDKSA-2002:073",
|
|
"refsource" : "MANDRAKE",
|
|
"url" : "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-073.php"
|
|
},
|
|
{
|
|
"name" : "DSA-185",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2002/dsa-185"
|
|
},
|
|
{
|
|
"name" : "DSA-184",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2002/dsa-184"
|
|
},
|
|
{
|
|
"name" : "DSA-183",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2002/dsa-183"
|
|
},
|
|
{
|
|
"name" : "CLA-2002:534",
|
|
"refsource" : "CONECTIVA",
|
|
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000534"
|
|
},
|
|
{
|
|
"name" : "RHSA-2002:242",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://www.redhat.com/support/errata/RHSA-2002-242.html"
|
|
},
|
|
{
|
|
"name" : "NetBSD-SA2002-026",
|
|
"refsource" : "NETBSD",
|
|
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-026.txt.asc"
|
|
},
|
|
{
|
|
"name" : "20021027 KRB5-SORCERER2002-10-27 Security Update",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-10/0399.html"
|
|
},
|
|
{
|
|
"name" : "20021028 GLSA: krb5",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=103582517126392&w=2"
|
|
},
|
|
{
|
|
"name" : "kerberos-kadmind-bo(10430)",
|
|
"refsource" : "XF",
|
|
"url" : "http://www.iss.net/security_center/static/10430.php"
|
|
},
|
|
{
|
|
"name" : "6024",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/6024"
|
|
}
|
|
]
|
|
}
|
|
}
|