CVE-2004-0643

 

Published at: - 28-09-2004 06:00

Last modified: - 19-10-2022 04:59

Total changes: - 3

Description

Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:L/Au:N/C:P/I:P/A:P

 

Verification logic

 

Reference

• GLSA-200409-09-Vendor Advisory
• 2004-0045-Broken Link
• http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt
• TA04-247A-Third Party Advisory, US Government Resource
• VU#866472-Third Party Advisory, US Government Resource
• DSA-543-Third Party Advisory
• RHSA-2004:350-Third Party Advisory
• 11078-Third Party Advisory, VDB Entry
• CLA-2004:860-Broken Link
• 20040913 [OpenPKG-SA-2004.039] OpenPKG Security Advisory (kerberos)-Issue Tracking, Third Party Advisory
• kerberos-krb5rdcred-double-free(17159)-Third Party Advisory, VDB Entry
• oval:org.mitre.oval:def:3322-Broken Link, Third Party Advisory
• oval:org.mitre.oval:def:10267-Broken Link, Third Party Advisory

 

Keywords

NVD

 

CVE-2004-0643

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures