Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-543-1
HistoryAug 31, 2004 - 12:00 a.m.

krb5 -- several vulnerabilities

2004-08-3100:00:00
Google
osv.dev
11

0.214 Low

EPSS

Percentile

96.5%

JSON

The MIT Kerberos Development Team has discovered a number of
vulnerabilities in the MIT Kerberos Version 5 software. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities:

A double-free error may allow unauthenticated remote attackers to
execute arbitrary code on KDC or clients.

Several double-free errors may allow authenticated attackers to
execute arbitrary code on Kerberos application servers.

A remotely exploitable denial of service vulnerability has been
found in the KDC and libraries.

Several double-free errors may allow remote attackers to execute
arbitrary code on the server. This does not affect the version in
woody.

For the stable distribution (woody) these problems have been fixed in
version 1.2.4-5woody6.

For the unstable distribution (sid) these problems have been fixed in
version 1.3.4-3.

We recommend that you upgrade your krb5 packages.

Related

nessus 14
securityvulns 4
gentoo 1
openvas 8
redhat 3
debian 2
cisco 1
freebsd 2
cert 4
nvd 4
cve 4
debiancve 4
ubuntucve 4
cvelist 4
nessus
nessus
Fedora Core 1 : krb5-1.3.4-5 (2004-276)
2004-08-31 00:00:00
RHEL 3 : krb5 (RHSA-2004:350)
2004-09-01 00:00:00
GLSA-200409-09 : MIT krb5: Multiple vulnerabilities
2004-09-06 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 543-1] New krb5 packages fix several vulnerabilities
2004-09-01 00:00:00
US-CERT Technical Cyber Security Alert TA04-247A -- Vulnerabilities in MIT Kerberos 5
2004-09-04 00:00:00
MITKRB5-SA-2004-002: double-free vulnerabilities
2004-09-02 00:00:00
gentoo
gentoo
MIT krb5: Multiple vulnerabilities
2004-09-06 00:00:00
openvas
openvas
Debian Security Advisory DSA 543-1 (krb5)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200409-09 (mit-krb5)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-543-1)
2008-01-17 00:00:00
redhat
redhat
(RHSA-2004:448) krb5 security update
2004-08-31 00:00:00
(RHSA-2004:350) krb5 security update
2004-08-31 00:00:00
(RHSA-2003:052) krb5 security update
2003-03-27 00:00:00
debian
debian
[SECURITY] [DSA 543-1] New krb5 packages fix several vulnerabilities
2004-08-31 17:11:20
[SECURITY] [DSA 543-1] New krb5 packages fix several vulnerabilities
2004-08-31 17:11:20
cisco
cisco
Vulnerabilities in Kerberos 5 Implementation
2004-08-31 18:30:00
freebsd
freebsd
krb5 -- double-free vulnerabilities
2004-08-31 00:00:00
krb5 -- ASN.1 decoder denial-of-service vulnerability
2004-08-31 00:00:00
cert
cert
MIT Kerberos 5 ASN.1 decoding functions insecurely deallocate memory (double-free)
2004-09-02 00:00:00
MIT Kerberos 5 ASN.1 decoding function krb5_rd_cred() insecurely deallocates memory (double-free)
2004-09-02 00:00:00
MIT Kerberos 5 ASN.1 decoding function asn1buf_skiptail() does not properly terminate loop
2004-09-02 00:00:00
nvd
nvd
CVE-2004-0643
2004-09-28 04:00:00
CVE-2004-0644
2004-09-28 04:00:00
CVE-2004-0642
2004-09-28 04:00:00
cve
cve
CVE-2004-0643
2004-09-28 04:00:00
CVE-2004-0644
2004-09-28 04:00:00
CVE-2004-0642
2004-09-28 04:00:00
debiancve
debiancve
CVE-2004-0642
2004-09-28 04:00:00
CVE-2004-0644
2004-09-28 04:00:00
CVE-2004-0643
2004-09-28 04:00:00
ubuntucve
ubuntucve
CVE-2004-0644
2004-09-28 00:00:00
CVE-2004-0643
2004-09-28 00:00:00
CVE-2004-0642
2004-09-28 00:00:00
cvelist
cvelist
CVE-2004-0643
2004-09-10 04:00:00
CVE-2004-0642
2004-09-10 04:00:00
CVE-2004-0644
2004-09-10 04:00:00

0.214 Low

EPSS

Percentile

96.5%

JSON
Related for OSV:DSA-543-1
nessus14securityvulns4gentoo1openvas8redhat3debian2cisco1freebsd2cert4nvd4cve4debiancve4ubuntucve4cvelist4