Sign in Get started

← All advisories

Unrated severityNVD Advisory· Published Sep 28, 2004· Updated Apr 16, 2026

CVE-2004-0643

CVE-2004-0643

Description

Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

Affected products

5

Mit/Kerberos 5
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
Range: <=1.3.3
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Desktop
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Workstation
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

13

web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txtnvdPatchVendor Advisory
marc.infonvdIssue TrackingThird Party Advisory
rhn.redhat.com/errata/RHSA-2004-350.htmlnvdThird Party Advisory
www.debian.org/security/2004/dsa-543nvdThird Party Advisory
www.gentoo.org/security/en/glsa/glsa-200409-09.xmlnvdVendor Advisory
www.kb.cert.org/vuls/id/866472nvdThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/11078nvdThird Party AdvisoryVDB Entry
www.us-cert.gov/cas/techalerts/TA04-247A.htmlnvdThird Party AdvisoryUS Government Resource
exchange.xforce.ibmcloud.com/vulnerabilities/17159nvdThird Party AdvisoryVDB Entry
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10267nvdBroken LinkThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3322nvdBroken LinkThird Party Advisory
distro.conectiva.com.br/atualizacoes/nvdBroken Link
www.trustix.net/errata/2004/0045/nvdBroken Link

News mentions

0

No linked articles in our index yet.