Unauthenticated attacker can cause MIT krb5 Key Distribution Center (KDC) to overflow a heap buffer by one byte, possibly leading to arbitrary code execution.
Kerberos is a network authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions.
The MIT krb5 Security Advisory 2005-002 issued 2005 July 12, available from
An unauthenticated attacker may be able to use this vulnerability to execute arbitrary code on the KDC host, potentially compromising an entire Kerberos realm. No exploit code is known to exist at this time. According to the MIT krb5 Security Advisory 2005-002 this vulnerability affects KDC implementations and application servers in all MIT krb5 releases, up to and including krb5-1.4.1. Third-party application servers which use MIT krb5 are also affected.
Apply patches available from your vendor. Details of the patch are also available from
Red Hat Inc. Affected
Sun Microsystems Inc. Affected
F5 Networks Not Affected
Juniper Networks Not Affected
Microsoft Corporation Not Affected
Apple Computer Inc. Unknown
Cray Inc. Unknown
EMC Corporation Unknown
Ingrian Networks Unknown
KTH Kerberos Unknown
MontaVista Software Unknown
NEC Corporation Unknown
Openwall GNU/*/Linux Unknown
Sony Corporation Unknown
SuSE Inc. Unknown
Wind River Systems Inc. Unknown
This vulnerability was reported by the MIT Kerberos Development Team. The MIT Kerberos Development Team thank Daniel Wachdorf for reporting this vulnerability.
This document was written by Robert Mead based on information in the MIT krb5 Security Advisory 2005-002.
|Date First Published:||2005-07-13|
|Date Last Updated:||2005-07-13 15:15 UTC|