CVE-2001-0094

Description

Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges.

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	1.5	1.5.x

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:25.kerberosIV.asc
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-017.txt.asc
https://exchange.xforce.ibmcloud.com/vulnerabilities/5734

Severity: High

CVE: CVE-2001-0094
Published: Feb 12, 2001
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CVE-2001-0094

Description

Details

CVSS v2