CVE-2004-0643
published 2004-09-28CVE-2004-0643: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
PriorityP417medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EPSS
1.43%
69.6th percentile
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | krb5 | < krb5 1.3.4-3 (bookworm) | krb5 1.3.4-3 (bookworm) |
| mit | kerberos_5 | <= 1.3.3 | — |
| mit | krb5 | >= 0 < 1.3.4-3 | 1.3.4-3 |
| mit | krb5 | >= 0 < 1.3.4-3 | 1.3.4-3 |
| mit | krb5 | >= 0 < 1.3.4-3 | 1.3.4-3 |
| mit | krb5 | >= 0 < 1.3.4-3 | 1.3.4-3 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM
vendor_debian4.6MEDIUM
vendor_redhat4.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2004-08-31·CVSS 4.6
CVE-2004-0643 [MEDIUM] security flaw
security flaw
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
Cisco
Vulnerabilities in Kerberos 5 Implementation
vendor_cisco·2004-08-31
CVE-2004-0642 Vulnerabilities in Kerberos 5 Implementation
Vulnerabilities in Kerberos 5 Implementation
Two vulnerabilities in the
Massachusetts Institute
of Technology (MIT) Kerberos 5
implementation that affect Cisco VPN 3000
Series Concentrators have been announced by the MIT Kerberos Team.
Cisco VPN 3000 Series Concentrators authenticating users against a
Kerberos Key Distribution Center (KDC) may be vulnerable to remote code
execution and to Denial of Service (DoS) attacks. Cisco has made free software
available to address these problems.
Cisco VPN 3000 Series Concentrators not authenticating users against a
Kerberos Key Distribution Center (KDC) are not impacted.
No exploitations of these vulnerabilities have been reported.
This advisory is available at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa
Debian
CVE-2004-0643: krb5 - Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5)...
vendor_debian·2004·CVSS 4.6
CVE-2004-0643 [MEDIUM] CVE-2004-0643: krb5 - Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5)...
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 1.3.4-3)
bullseye: resolved (fixed in 1.3.4-3)
forky: resolved (fixed in 1.3.4-3)
sid: resolved (fixed in 1.3.4-3)
trixie: resolved (fixed in 1.3.4-3)
Cisco
Vulnerabilities in Kerberos 5 Implementation
vendor_cisco
CVE-2004-0643 Vulnerabilities in Kerberos 5 Implementation
CVE-2004-0643: Vulnerabilities in Kerberos 5 Implementation
Two vulnerabilities in the Massachusetts Institute of Technology (MIT) Kerberos 5 implementation that affect Cisco VPN 3000 Series Concentrators have been announced by the MIT Kerberos Team. Cisco VPN 3000 Series Concentrators authenticating users against a Kerberos Key Distribution Center (KDC) may be vulnerable to remote code execution and to Denial of Service (DoS) attacks. Cisco has made free software available to address these problems. Cisco VPN 3000 Series Concentrators not authenticating users against a Kerberos Key Distribution Center (KDC) are not impacted. No exploitations of these vulnerabilities have been reported. This advisory is available at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvis
GHSA
GHSA-2288-xjpv-v6jh: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1
ghsa_unreviewed·2022-04-29
CVE-2004-0643 [MEDIUM] CWE-415 GHSA-2288-xjpv-v6jh: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
OSV
CVE-2004-0643: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1
osv·2004-09-28·CVSS 4.6
CVE-2004-0643 [MEDIUM] CVE-2004-0643: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
No detection rules found.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860http://marc.info/?l=bugtraq&m=109508872524753&w=2http://rhn.redhat.com/errata/RHSA-2004-350.htmlhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txthttp://www.debian.org/security/2004/dsa-543http://www.gentoo.org/security/en/glsa/glsa-200409-09.xmlhttp://www.kb.cert.org/vuls/id/866472http://www.securityfocus.com/bid/11078http://www.trustix.net/errata/2004/0045/http://www.us-cert.gov/cas/techalerts/TA04-247A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17159https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10267https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3322http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860http://marc.info/?l=bugtraq&m=109508872524753&w=2http://rhn.redhat.com/errata/RHSA-2004-350.htmlhttp://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txthttp://www.debian.org/security/2004/dsa-543http://www.gentoo.org/security/en/glsa/glsa-200409-09.xmlhttp://www.kb.cert.org/vuls/id/866472http://www.securityfocus.com/bid/11078http://www.trustix.net/errata/2004/0045/http://www.us-cert.gov/cas/techalerts/TA04-247A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17159https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10267https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3322
2004-09-28
Published