Vulnerability Note VU#623332
MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function
An unauthenticated attacker can cause krb5_recvauth() function to free a block of memory twice, possibly leading to arbitrary code execution.
Kerberos is a network authentication system that uses a trusted third party (a KDC) to authenticate clients and servers to each other. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions.
MIT krb5 Security Advisory 2005-003 issued 2005 July 12, available from
An unauthenticated attacker may be able to execute arbitrary code in the context of a program calling krb5_recvauth(). This includes the kpropd program which typically runs on slave Key Distribution Center (KDC) hosts, potentially leading to compromise of an entire Kerberos realm. For more information please see the MIT krb5 Security Advisory 2005-003.
Apply patches available from your vendor. Details of the patch are also available from
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|MiT Kerberos Development Team||Affected||-||12 Jul 2005|
|Red Hat Inc.||Affected||06 Jun 2005||12 Jul 2005|
|Sun Microsystems Inc.||Affected||06 Jun 2005||13 Jul 2005|
|Check Point||Not Affected||06 Jun 2005||09 Jun 2005|
|F5 Networks||Not Affected||06 Jun 2005||06 Jun 2005|
|Force10 Networks Inc.||Not Affected||06 Jun 2005||07 Jun 2005|
|Hitachi||Not Affected||10 May 2005||12 Jul 2005|
|Juniper Networks||Not Affected||06 Jun 2005||12 Jul 2005|
|Microsoft Corporation||Not Affected||06 Jun 2005||06 Jun 2005|
|Netfilter||Not Affected||06 Jun 2005||09 Jun 2005|
|WatchGuard||Not Affected||06 Jun 2005||12 Jul 2005|
|Apple Computer Inc.||Unknown||06 Jun 2005||12 Jul 2005|
|Connectiva||Unknown||06 Jun 2005||12 Jul 2005|
|Cray Inc.||Unknown||06 Jun 2005||12 Jul 2005|
|Debian||Unknown||06 Jun 2005||12 Jul 2005|
CVSS Metrics (Learn More)
This vulnerability was reported by the MIT Kerberos Development Team. The MIT Kerberos Development Team thanks Magnus Hagander for reporting this vulnerability.
This document was written by Robert Mead based on information in the MIT krb5 Security Advisory 2005-003.
- CVE IDs: CAN-2005-1689
- Date Public: 12 Jul 2005
- Date First Published: 13 Jul 2005
- Date Last Updated: 08 Aug 2005
- Severity Metric: 13.01
- Document Revision: 19
If you have feedback, comments, or additional information about this vulnerability, please send us email.