ID CVE-2004-0642
Summary Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:patch_level1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:patch_level1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:patch_level2:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:patch_level2:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0:patch_level3:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0:patch_level3:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 02-02-2024 - 15:27)
Impact:
Exploitability:
CWE CWE-415
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:07:57.362-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
    family unix
    id oval:org.mitre.oval:def:10709
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
    version 29
  • accepted 2005-02-23T09:25:00.000-04:00
    class vulnerability
    contributors
    • name Brian Soby
      organization The MITRE Corporation
    • name Brian Soby
      organization The MITRE Corporation
    description Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
    family unix
    id oval:org.mitre.oval:def:4936
    status accepted
    submitted 2004-10-12T12:00:00.000-04:00
    title Kerberos 5 KDC ASN.1 Error Handling Double-free Vulnerabilities
    version 34
redhat via4
advisories
rhsa
id RHSA-2004:350
rpms
  • krb5-debuginfo-0:1.2.7-28
  • krb5-devel-0:1.2.7-28
  • krb5-libs-0:1.2.7-28
  • krb5-server-0:1.2.7-28
  • krb5-workstation-0:1.2.7-28
refmap via4
bid 11078
bugtraq 20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)
cert TA04-247A
cert-vn VU#795632
conectiva CLA-2004:860
confirm http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt
debian DSA-543
gentoo GLSA-200409-09
trustix 2004-0045
xf kerberos-kdc-double-free(17157)
Last major update 02-02-2024 - 15:27
Published 28-09-2004 - 04:00
Last modified 02-02-2024 - 15:27
Back to Top