7.5
CVSSv2

CVE-2005-1689

Published: 18/07/2005 Updated: 21/01/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and previous versions allows remote malicious users to execute arbitrary code via certain error conditions.

Vulnerable Product Search on Vulmon Subscribe to Product

mit kerberos 5 1.3

mit kerberos 5 1.3.1

mit kerberos 5 1.3.2

mit kerberos 5 1.3.3

mit kerberos 5 1.3.4

mit kerberos 5 1.3.5

mit kerberos 5 1.3.6

mit kerberos 5 1.4

mit kerberos 5 1.4.1

Vendor Advisories

Synopsis krb5 security update Type/Severity Security Advisory: Important Topic Updated krb5 packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team Description ...
Synopsis krb5 security update Type/Severity Security Advisory: Critical Topic Updated krb5 packages which fix multiple security issues are now availablefor Red Hat Enterprise Linux 21 and 3This update has been rated as having critical security impact by the RedHat Security Response Team[Updated 26 Sep 20 ...
Daniel Wachdorf reported two problems in the MIT krb5 distribution used for network authentication First, the KDC program from the krb5-kdc package can corrupt the heap by trying to free memory which has already been freed on receipt of a certain TCP connection This vulnerability can cause the KDC to crash, leading to a denial of service [CAN-20 ...
Ga´┐Żl Delalleau discovered a buffer overflow in the env_opt_add() function of the Kerberos 4 and 5 telnet clients By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client (CVE-2005-0468) ...

References

CWE-119ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.aschttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://marc.info/?l=bugtraq&m=112119974704542&w=2http://secunia.com/advisories/16041http://secunia.com/advisories/17135http://secunia.com/advisories/17899http://secunia.com/advisories/22090http://securitytracker.com/id?1014461http://sunsolve.sun.com/search/document.do?assetkey=1-26-101810-1http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txthttp://www.debian.org/security/2005/dsa-757http://www.gentoo.org/security/en/glsa/glsa-200507-11.xmlhttp://www.kb.cert.org/vuls/id/623332http://www.novell.com/linux/security/advisories/2005_17_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2005-562.htmlhttp://www.redhat.com/support/errata/RHSA-2005-567.htmlhttp://www.securityfocus.com/archive/1/446940/100/0/threadedhttp://www.securityfocus.com/bid/14239http://www.trustix.org/errata/2005/0036http://www.turbolinux.com/security/2005/TLSA-2005-78.txthttp://www.vupen.com/english/advisories/2005/1066http://www.vupen.com/english/advisories/2006/3776https://exchange.xforce.ibmcloud.com/vulnerabilities/21055https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9819https://usn.ubuntu.com/224-1/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2005-1689https://access.redhat.com/errata/RHSA-2005:567https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/623332