CVE-2004-0434 : k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administ

k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.

Published 2004-07-07 04:00:00

Updated 2024-02-02 03:05:48

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2004-0434

Probability of exploitation activity in the next 30 days: 5.93%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-0434

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2004-0434

CWE-131 Incorrect Calculation of Buffer Size

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

Assigned by: nvd@nist.gov (Primary)
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2004-0434

http://security.gentoo.org/glsa/glsa-200405-23.xml

Heimdal: Kerberos 4 buffer overflow in kadmin (GLSA 200405-23) — Gentoo security
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16071

Heimdal kadmind buffer overflow CVE-2004-0434 Vulnerability Report
Third Party Advisory;VDB Entry
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc

Broken Link;Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020998.html

[Full-Disclosure] Mailing List Charter
Broken Link;Third Party Advisory
http://marc.info/?l=bugtraq&m=108386148126457&w=2

'Advisory: Heimdal kadmind version4 remote heap overflow' - MARC
Mailing List
http://www.debian.org/security/2004/dsa-504

Debian -- The Universal Operating System
Broken Link;Patch;Third Party Advisory

Products affected by CVE-2004-0434

Debian » Debian Linux » Version: 3.0
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
Matching versions
Heimdal Project » Heimdal
Versions before (<) 0.6.2
cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2004-0434

Exploit prediction scoring system (EPSS) score for CVE-2004-0434

CVSS scores for CVE-2004-0434

CWE ids for CVE-2004-0434

References for CVE-2004-0434

Products affected by CVE-2004-0434