CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-0600

HIGH
7.5
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile44.79th
Published2002年6月18日
Last Modified2026年4月16日

Vulnerability Description

Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.

Affected Platforms (CPE)

📦
Kth

Kth Kerberos

= 4_1.0.2
📦
Kth

Kth Kerberos

= 4_1.0.3
📦
Kth

Kth Kerberos

= 4_1.0.4
📦
Kth

Kth Kerberos

= 4_1.1.1
📦
Luke Mewburn

Lukemftp

= 1.5

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0339.html
🔗 http://www.iss.net/security_center/static/8938.php
🔗 http://www.securityfocus.com/bid/4592
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0339.html
🔗 http://www.iss.net/security_center/static/8938.php
🔗 http://www.securityfocus.com/bid/4592

相关漏洞威胁

CVE-2002-123510.0

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1....

CVE-2001-14447.5

The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encr...

CVE-2001-00347.2

KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate ...

CVE-2001-00357.2

Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possi...