Unrated severityNVD Advisory· Published Sep 28, 2004· Updated Apr 16, 2026
CVE-2004-0642
CVE-2004-0642
Description
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
Affected products
5- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txtnvdPatchVendor Advisory
- marc.infonvdIssue TrackingThird Party Advisory
- rhn.redhat.com/errata/RHSA-2004-350.htmlnvdThird Party Advisory
- www.debian.org/security/2004/dsa-543nvdMailing ListThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200409-09.xmlnvdMailing ListThird Party Advisory
- www.kb.cert.org/vuls/id/795632nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/11078nvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA04-247A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- exchange.xforce.ibmcloud.com/vulnerabilities/17157nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10709nvdBroken LinkThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4936nvdBroken LinkThird Party Advisory
- distro.conectiva.com.br/atualizacoes/nvdBroken Link
- www.trustix.net/errata/2004/0045/nvdBroken Link
News mentions
0No linked articles in our index yet.