LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

krb5: double-free and ASN.1 parsing

Package(s):krb5 CVE #(s):CAN-2004-0642 CAN-2004-0643 CAN-2004-0644 CAN-2004-0772
Created:August 31, 2004 Updated:September 21, 2004
Description: Several double-free bugs were found in the Kerberos 5 KDC and libraries. A remote attacker could potentially exploit these flaws to execute arbitrary code. See CAN-2004-0642, CAN-2004-0643 and CAN-2004-0772. An infinite loop bug was found in the Kerberos 5 ASN.1 decoder library. A remote attacker may be able to trigger this flaw and cause a denial of service. See CAN-2004-0644. See this CERT advisory for additional information.
Alerts:
Whitebox WBSA-2004:350-01 2004-09-20
OpenPKG OpenPKG-SA-2004.039 2004-09-13
Conectiva CLA-2004:860 2004-09-09
Gentoo 200409-09 2004-09-06
Trustix TSLSA-2004-0045 2004-09-02
Mandrake MDKSA-2004:088 2004-08-31
Debian DSA-543-1 2004-08-31
Fedora FEDORA-2004-277 2004-08-31
Fedora FEDORA-2004-276 2004-08-31
Red Hat RHSA-2004:350-01 2004-08-31
Red Hat RHSA-2004:448-01 2004-08-31
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds