CVE-2000-0390 - Vulnerability Details - OpenCVE

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cygnus	Cygnus Network Security Kerbnet
Mit	Kerberos Kerberos 5
Redhat	Linux

Configuration 1 [-]

OR	cpe:2.3:a:cygnus:cygnus_network_security:4.0:::::::*
	cpe:2.3:a:cygnus:kerbnet:5.0:::::::*
	cpe:2.3:a:mit:kerberos:4.0:::::::*
	cpe:2.3:a:mit:kerberos_5:1.0:::::::*
	cpe:2.3:a:mit:kerberos_5:1.1.1:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:linux:6.2::alpha:::::
	cpe:2.3:o:redhat:linux:6.2::i386:::::
	cpe:2.3:o:redhat:linux:6.2::sparc:::::

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
http://www.cert.org/advisories/CA-2000-06.html
http://www.osvdb.org/4884
http://www.redhat.com/support/errata/RHSA-2000-025.html
http://www.securityfocus.com/bid/1220
https://www.cve.org/CVERecord?id=CVE-2000-0390

History

Wed, 28 May 2025 14:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cve.org/CVERecord?id=CVE-2000-0390

Thu, 22 May 2025 04:15:00 +0000

Type	Values Removed	Values Added
References	https://nvd.nist.gov/vuln/detail/CVE-2000-0390 https://www.cve.org/CVERecord?id=CVE-2000-0390

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2000-07-12T04:00:00

Updated: 2024-08-08T05:14:21.484Z

Reserved: 2000-06-14T00:00:00

Link: CVE-2000-0390

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2000-05-16T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2000-0390

Redhat

Severity :

Publid Date: 2000-05-16T00:00:00Z

Links: CVE-2000-0390 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-05-16T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FreeBSD-SA-00:20", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"}, {"name": "RHSA-2000:025", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html"}, {"name": "4884", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/4884"}, {"name": "CA-2000-06", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2000-06.html"}, {"name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"}, {"name": "1220", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1220"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0390", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FreeBSD-SA-00:20", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"}, {"name": "RHSA-2000:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html"}, {"name": "4884", "refsource": "OSVDB", "url": "http://www.osvdb.org/4884"}, {"name": "CA-2000-06", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-06.html"}, {"name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"}, {"name": "1220", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1220"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:14:21.484Z"}, "title": "CVE Program Container", "references": [{"name": "FreeBSD-SA-00:20", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"}, {"name": "RHSA-2000:025", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html"}, {"name": "4884", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/4884"}, {"name": "CA-2000-06", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2000-06.html"}, {"name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"}, {"name": "1220", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1220"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0390", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-06-14T00:00:00", "dateUpdated": "2024-08-08T05:14:21.484Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "05857121-8827-45FD-886F-4269E0336036", "vulnerable": true}, {"criteria": "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08FA60A9-10E1-4ACD-819C-17801FAD7671", "vulnerable": true}, {"criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges."}], "id": "CVE-2000-0390", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-05-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2000-06.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/4884"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1220"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.cert.org/advisories/CA-2000-06.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/4884"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1220"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}