Search for vulnerabilities
Vulnerability details: VCID-fx5f-wxmt-aaah
Vulnerability ID VCID-fx5f-wxmt-aaah
Aliases CVE-2004-0523
Summary Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2004:236
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.13596 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.21148 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.25347 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.25347 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.25347 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
epss 0.26142 https://api.first.org/data/v1/epss?cve=CVE-2004-0523
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1617223
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2004-0523
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860
http://lwn.net/Articles/88206/
http://marc.info/?l=bugtraq&m=108612325909496&w=2
http://marc.info/?l=bugtraq&m=108619161815320&w=2
http://marc.info/?l=bugtraq&m=108619250923790&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0523.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0523
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0523
https://exchange.xforce.ibmcloud.com/vulnerabilities/16268
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1
http://www.debian.org/security/2004/dsa-520
http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml
http://www.kb.cert.org/vuls/id/686862
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056
http://www.redhat.com/support/errata/RHSA-2004-236.html
http://www.securityfocus.com/bid/10448
1617223 https://bugzilla.redhat.com/show_bug.cgi?id=1617223
cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos:1.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:seam:1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:seam:1.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:seam:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:seam:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:seam:1.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:seam:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0:*:*:*:*:*:*:*
cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0_u1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0_u1:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVE-2004-0523 https://nvd.nist.gov/vuln/detail/CVE-2004-0523
RHSA-2004:236 https://access.redhat.com/errata/RHSA-2004:236
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2004-0523
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.93629
EPSS Score 0.13596
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.