CVE-2001-1323

Name: CVE-2001-1323
Creator: NVD / NIST
Published: 2001-05-16T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 4.05%

Last modified Jun 16, 2026

CVE-2001-1323 is a vulnerability of currently unknown severity. Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.. EPSS estimates a 4.05% chance of exploitation in the next 30 days.

Description

Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.

Metrics

EPSS Probability

4.05%

89.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-120

Affected Software

Vendor	Product	Versions
Mit	Kerberos 5	< 1.2.2

References

http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-022-01Third Party Advisory
http://marc.info/?l=bugtraq&m=98826223517788&w=2Issue Tracking, Third Party Advisory
http://web.mit.edu/kerberos/www/advisories/ftpbuf.txtPatch, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2001-060.htmlThird Party Advisory
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-022-01Third Party Advisory
http://marc.info/?l=bugtraq&m=98826223517788&w=2Issue Tracking, Third Party Advisory
http://web.mit.edu/kerberos/www/advisories/ftpbuf.txtPatch, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2001-060.htmlThird Party Advisory

Timeline

Published: May 16, 2001
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2001-1323?

How severe is CVE-2001-1323?

Severity scoring for CVE-2001-1323 is pending analysis. The EPSS model estimates a 4.05% probability of exploitation in the next 30 days.

How do I fix CVE-2001-1323?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2001-1323?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST