• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

MIT Kerberos 5 Key Distribution Center Remote Single Byte Heap Overflow Vulnerability

The Kerberos 5 Key Distribution Center (KDC) implementation of the protocol is affected by a remote single-byte heap-overflow vulnerability.

A remote unauthenticated attacker can exploit this vulnerability by sending malformed data through a request over TCP or UDP to an affected computer. This may result in memory corruption and lead to an overflow condition.

If arbitrary code execution occurs, the attacker may gain complete access to an entire Kerberos realm.

All MIT Kerberos 5 releases up to and including krb5-1.4.1 are vulnerable. Third-party application servers employing Kerberos 5 may be affected as well.