VDB
CVE-2005-1175
CVE-2005-1175
PUBLISHED
CVSS 7.5 HIGH
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
EPSS 45.40% · 97.7th percentile
Risk Scores
CVSS v2.0
7.5
EPSS Score
45.40%
97.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| mit | kerberos_5 | 1.3, 1.3.1, 1.3.2 |
Timeline
- Jul 17, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
References
- kerberos-kdc-krb5-udp-tcp-bo(21328) vdb
- 20364 third-party-advisory
- RHSA-2005:567 vendor-advisory
- oval:org.mitre.oval:def:736 vdb
- SUSE-SR:2005:017 vendor-advisory
- 14236 vdb
- 20050712 MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC mailing-list
- 1014460 vdb
- ADV-2006-2074 vdb
- RHSA-2005:562 vendor-advisory
- 101809 vendor-advisory
- TLSA-2005-78 vendor-advisory
- IY85474 vendor-advisory
- oval:org.mitre.oval:def:9902 vdb
- 20050703-01-U vendor-advisory
- 16041 third-party-advisory
- USN-224-1 vendor-advisory
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt url
- DSA-757 vendor-advisory
- APPLE-SA-2005-08-15 vendor-advisory
…and 8 more