Bug 86768 - (CVE-2005-1689) VUL-0: CVE-2005-1689: krb5 double free() (CAN-2005-1689, MITKRB5-SA-2005-003)
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Other All
: P5 - None : Normal
Assigned To: Security Team bot
CVE-2005-1689: CVSS v2 Base Score: 7....
Reported: 2005-06-02 09:13 UTC by Thomas Biege
Modified: 2021-10-04 08:50 UTC (History)
Found By: Other

Patch for this security Bug (578 bytes, patch)
2005-06-03 08:10 UTC, Michael Calmer
patchinfo-box.krb5 (1.07 KB, application/octet-stream)
2005-06-03 08:54 UTC, Thomas Biege

Description Thomas Biege 2005-06-02 09:13:46 UTC
To: cert@cert.org, vendor-sec@lst.de
From: Tom Yu <tlyu@MIT.EDU>
Old-Content-Type: text/plain; charset=us-ascii
Subject: [vendor-sec] confidential - pending security advisory MITKRB5-SA-2005-003
Errors-To: vendor-sec-admin@lst.de
Date: Wed, 01 Jun 2005 15:31:47 -0400

[-- PGP Ausgabe folgt (aktuelle Zeit: Do 02 Jun 2005 11:02:44 CEST) --]
gpg: Unterschrift vom Mi 01 Jun 2005 21:31:50 CEST, DSA Schlüssel ID 2E2F668E
gpg: Unterschrift kann nicht geprüft werden: Öffentlicher Schlüssel nicht gefunden

[-- Ende der PGP-Ausgabe --]


The MIT Kerberos Development Team is aware of the following
vulnerability in the MIT krb5 software.  Please do not publicly
disseminate this information prior to our public disclosure.

Our current target date for public disclosure is 12 July 2005.
Vendors should contact tlyu@mit.edu via PGP-encrypted email for
details and patches.  Some vendors already known to the MIT Kerberos
Development Team have been notified previously.  This is a separate
vulnerability from those described in MITKRB5-SA-2005-002.

Please let me know if you have any concerns about the release date.

Advisory MITKRB5-SA-2005-003 concerns the following vulnerability:

CAN-2005-1689: Unauthenticated attacker can cause krb5_recvauth()
function to free a block of memory twice, possibly leading to
arbitrary code execution.

This vulnerability is classified as CRITICAL due to the potential to
compromise a KDC host.

Comment 1 Thomas Biege 2005-06-02 09:14:51 UTC
Would you like to contact them and ask for the patches? Thanks.
Comment 2 Michael Calmer 2005-06-02 14:30:22 UTC
The mail is out. 
Comment 3 Michael Calmer 2005-06-03 08:10:15 UTC
Created attachment 38580
Patch for this security Bug
Comment 4 Michael Calmer 2005-06-03 08:11:06 UTC
I got the patch from Tom Yu. It is attached. 
Comment 5 Thomas Biege 2005-06-03 08:18:04 UTC

I'll prepare the pinfo files and create a swamp id.
Comment 6 Michael Calmer 2005-06-03 08:29:48 UTC
> public disclosure is 12 July 2005 
The other security bug (Bug #80574) has a disclosure date of 5 July.
What do you think? Do we have to make two security updates, or is one enough?
Comment 7 Thomas Biege 2005-06-03 08:33:45 UTC
Let's just make one release.
Comment 8 Thomas Biege 2005-06-03 08:42:46 UTC
Comment 9 Thomas Biege 2005-06-03 08:54:38 UTC
Created attachment 38582
Comment 10 Thomas Biege 2005-06-07 09:08:42 UTC
Comment 11 Michael Calmer 2005-06-28 10:16:35 UTC
Package is submitted 
Comment 12 Ludwig Nussel 2005-07-13 07:33:13 UTC
updates released  
Comment 13 Thomas Biege 2009-10-13 21:25:44 UTC
CVE-2005-1689: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)