Vulnerabilities > CVE-1999-1296 - Unspecified vulnerability in MIT Kerberos 5 1.5.2

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

mit

NVD

Published: 1997-04-29

Updated: 2020-01-21

Summary

Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.

Vulnerable Configurations

Part	Description	Count
Application	Mit MIT Kerberos 5 1.5.2	1

References

http://marc.info/?l=bugtraq&m=87602167420878&w=2