Red Hat Inc. Information for VU#623332
MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function
- Vendor Information Help Date Notified: 06 Jun 2005
- Statement Date:
- Date Updated: 12 Jul 2005
Red Hat, Inc
This issue affects the Kerberos packages shipped with Red Hat Enterprise
Linux. For Red Hat Enterprise Linux 2.1 and Red Hat Enterprise Linux 3
this issue is critical severity. Please see our advisory for more
Red Hat Enterprise Linux 4 contains checks within glibc that detect
double-free flaws. Therefore on Red Hat Enterprise Linux 4 successful
exploitation of this issue can only lead to a denial of service (KDC
crash) which is important severity. Please see our advisory for more
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.