CVE-2005-1175
Published: 2005-07-18
Priority: P3 · 43 · high · CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 8.43% (94.3th percentile)
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | krb5 | < krb5 1.3.6-4 (bookworm) | krb5 1.3.6-4 (bookworm) |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
| mit | krb5 | >= 0 < 1.3.6-4 | 1.3.6-4 |
CVSS provenance
nvd · v2.0 · 7.5 · HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
osv · 7.5 · HIGH
vendor_debian · 7.5 · MEDIUM
vendor_redhat · 7.5 · HIGH
vendor_ubuntu · 7.5 · HIGH
Ubuntu
Kerberos vulnerabilities
vendor_ubuntu·2005-12-06·CVSS 7.5
CVE-2005-0468 [HIGH] Kerberos vulnerabilities
Gaël Delalleau discovered a buffer overflow in the env_opt_add()
function of the Kerberos 4 and 5 telnet clients. By sending specially
crafted replies, a malicious telnet server could exploit this to
execute arbitrary code with the privileges of the user running the
telnet client. (CVE-2005-0468)
Gaël Delalleau discovered a buffer overflow in the handling of the
LINEMODE suboptions in the telnet clients of Kerberos 4 and 5. By
sending a specially constructed reply containing a large number of SLC
(Set Local Character) commands, a remote attacker (i.e. a malicious
telnet server) could execute arbitrary commands with the privileges of
the user running the telnet client. (CVE-2005-0469)
Daniel Wachdorf discovered two remot
Red Hat
security flaw
vendor_redhat·2005-07-12·CVSS 7.5
CVE-2005-1175 [HIGH] security flaw
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Debian
CVE-2005-1175: krb5 - Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos ...
vendor_debian·2005·CVSS 7.5
CVE-2005-1175 [HIGH] CVE-2005-1175: krb5 - Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos ...
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Scope: local
bookworm: resolved (fixed in 1.3.6-4)
bullseye: resolved (fixed in 1.3.6-4)
forky: resolved (fixed in 1.3.6-4)
sid: resolved (fixed in 1.3.6-4)
trixie: resolved (fixed in 1.3.6-4)
GHSA
GHSA-5hv4-qhm2-g82w: Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1
ghsa_unreviewed·2022-05-03
CVE-2005-1175 [HIGH] GHSA-5hv4-qhm2-g82w: Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
OSV
CVE-2005-1175: Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1
osv·2005-07-18·CVSS 7.5
CVE-2005-1175 [HIGH] CVE-2005-1175: Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-1175 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2005-1175 [HIGH] CVE-2005-1175 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Bugzilla
CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
bugzilla·2005-05-24
[MEDIUM] CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
During the FC4 security audit, we came across a number of mc issues that have
not been fixed. The CVE IDs in the Summary are all we know at the moment.
Jindrich, what do you think will be the easiest way to fix all these?
Discussion:
Hello Josh,
There's Fedora Legacy bug 152889, where some things related to these issues are
discussed and some of the patches might be ported to our RHEL-2.1 mc. I'm not
sure at the moment whether all the fixes are incorporated there. I'll have a
closer look into this.
---
*** Bug 153985 has been marked as a duplicate of this bug. ***
---
Josh,
I backported fixes for CAN-2004-1009, CAN-2004-1090, CAN-2004-1091,
CAN-2004-1093, CAN-200