CVE-2005-1174
published 2005-07-18
CVE-2005-1174: MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain…
Priority P4 · 17 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 5.22% (91.5th percentile)
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | krb5 | < krb5 1.3.6-4 (bookworm) | krb5 1.3.6-4 (bookworm) |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
CVSS provenance
nvd · v2.0 · 5.0 · MEDIUM · AV:N/AC:L/Au:N/C:N/I:N/A:P
osv · 5.0 · MEDIUM
vendor_ubuntu · 7.5 · HIGH
vendor_debian · 5.0 · MEDIUM
vendor_redhat · 5.0 · MEDIUM
GHSA
GHSA-33qx-rqvh-638r: MIT Kerberos 5 (krb5) 1
ghsa_unreviewed·2022-05-03
CVE-2005-1174 [MEDIUM] GHSA-33qx-rqvh-638r: MIT Kerberos 5 (krb5) 1
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
OSV
CVE-2005-1174: MIT Kerberos 5 (krb5) 1
osv·2005-07-18·CVSS 5.0
CVE-2005-1174 [MEDIUM] CVE-2005-1174: MIT Kerberos 5 (krb5) 1
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
Ubuntu
Kerberos vulnerabilities
vendor_ubuntu·2005-12-06·CVSS 7.5
CVE-2005-0468 [HIGH] Kerberos vulnerabilities
Title: Kerberos vulnerabilities
Summary: Kerberos vulnerabilities
Gaël Delalleau discovered a buffer overflow in the env_opt_add()
function of the Kerberos 4 and 5 telnet clients. By sending specially
crafted replies, a malicious telnet server could exploit this to
execute arbitrary code with the privileges of the user running the
telnet client. (CVE-2005-0468)
Gaël Delalleau discovered a buffer overflow in the handling of the
LINEMODE suboptions in the telnet clients of Kerberos 4 and 5. By
sending a specially constructed reply containing a large number of SLC
(Set Local Character) commands, a remote attacker (i.e. a malicious
telnet server) could execute arbitrary commands with the privileges of
the user running the telnet client. (CVE-2005-0469)
Daniel Wachdorf discovered two remot
Red Hat
security flaw
vendor_redhat·2005-07-12·CVSS 5.0
CVE-2005-1174 [MEDIUM] security flaw
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
Debian
CVE-2005-1174: krb5 - MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows rem...
vendor_debian·2005·CVSS 5.0
CVE-2005-1174 [MEDIUM] CVE-2005-1174: krb5 - MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows rem...
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
Scope: local
bookworm: resolved (fixed in 1.3.6-4)
bullseye: resolved (fixed in 1.3.6-4)
forky: resolved (fixed in 1.3.6-4)
sid: resolved (fixed in 1.3.6-4)
trixie: resolved (fixed in 1.3.6-4)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-1174 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-1174 [MEDIUM] CVE-2005-1174 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
Bugzilla
CVE-2011-0284 krb5 (krb5kdc): Double-free flaw by handling error messages upon receiving certain AS_REQ's (MITKRB5-SA-2011-003)
bugzilla·2011-02-01·CVSS 5.0
CVE-2011-0284 [MEDIUM] CVE-2011-0284 krb5 (krb5kdc): Double-free flaw by handling error messages upon receiving certain AS_REQ's (MITKRB5-SA-2011-003)
A double-free flaw was found in the way the MIT Kerberos
KDC handled initial authentication requests (AS-REQ), when
the KDC was configured to provide the PKINIT capability.
A remote attacker could use this flaw to cause the KDC
daemon to abort by using a specially-crafted AS-REQ request.
Different vulnerability than CVE-2010-1320 and CVE-2005-1174.
Discussion:
Created attachment 476397
Proposed patch from Nalin Dahyabhai to fix the issue
---
This issue did NOT affect the versions of the krb5 package, as shipped
with Red Hat Enterprise Linux 3, 4, or 5.
This issue affects the version of the krb5 package, as shipped
with Red Hat Enterprise Linux 6.
--
This i
Bugzilla
CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
bugzilla·2005-05-24
[MEDIUM] CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
During the FC4 security audit, we came across a number of mc issues that have
not been fixed. The CVE IDs in the Summary are all we know at the moment.
Jindrich, what do you think will be the easiest way to fix all these?
Discussion:
Hello Josh,
There's Fedora Legacy bug 152889, where some things related to these issues are
discussed and some of the patches might be ported to our RHEL-2.1 mc. I'm not
sure at the moment whether all the fixes are incorporated there. I'll have a
closer look into this.
---
*** Bug 153985 has been marked as a duplicate of this bug. ***
---
Josh,
I backported fixes for CAN-2004-1009, CAN-2004-1090, CAN-2004-1091,
CAN-2004-1093, CAN-200
Published: 2005-07-18