Bugzilla – Bug 86768
VUL-0: CVE-2005-1689: krb5 double free() (CAN-2005-1689, MITKRB5-SA-2005-003)
Last modified: 2021-10-04 08:50:07 UTC
To: firstname.lastname@example.org, email@example.com
From: Tom Yu <tlyu@MIT.EDU>
Old-Content-Type: text/plain; charset=us-ascii
Subject: [vendor-sec] confidential - pending security advisory MITKRB5-SA-2005-003
Date: Wed, 01 Jun 2005 15:31:47 -0400
[-- PGP Ausgabe folgt (aktuelle Zeit: Do 02 Jun 2005 11:02:44 CEST) --]
gpg: Unterschrift vom Mi 01 Jun 2005 21:31:50 CEST, DSA Schlüssel ID 2E2F668E
gpg: Unterschrift kann nicht geprüft werden: Öffentlicher Schlüssel nicht gefunden
[-- Ende der PGP-Ausgabe --]
[-- BEGIN PGP SIGNED MESSAGE --]
The MIT Kerberos Development Team is aware of the following
vulnerability in the MIT krb5 software. Please do not publicly
disseminate this information prior to our public disclosure.
Our current target date for public disclosure is 12 July 2005.
Vendors should contact firstname.lastname@example.org via PGP-encrypted email for
details and patches. Some vendors already known to the MIT Kerberos
Development Team have been notified previously. This is a separate
vulnerability from those described in MITKRB5-SA-2005-002.
Please let me know if you have any concerns about the release date.
Advisory MITKRB5-SA-2005-003 concerns the following vulnerability:
CAN-2005-1689: Unauthenticated attacker can cause krb5_recvauth()
function to free a block of memory twice, possibly leading to
arbitrary code execution.
This vulnerability is classified as CRITICAL due to the potential to
compromise a KDC host.
[-- END PGP SIGNED MESSAGE --]
Vendor Security mailing list
Would you like to contact them and ask for the patches? Thanks.
The mail is out.
Created attachment 38580
Patch for this security Bug
I got the patch from Tom Yu. It is attached.
I'll prepare the pinfo files and create a swamp id.
> public disclosure is 12 July 2005
The other security bug (Bug #80574) has a disclose date of 5 July.
What do you think? Do we have to make two security updates, or is one enough?
Let's just make one release.
Created attachment 38582
Package is submitted
CVE-2005-1689: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)