FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

krb5 -- MITKRB5-SA-2011-003, KDC vulnerable to double-free when PKINIT enabled

Affected packages
1.7 <= krb5 < 1.7.2
1.8 <= krb5 < 1.8.4
krb5 = 1.9

Details

VuXML ID 7edac52a-66cd-11e0-9398-5d45f3aa24f0
Discovery 2011-03-15
Entry 2011-04-14

An advisory published by the MIT Kerberos team says:

The MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication (PKINIT) capability is enabled, resulting in daemon crash or arbitrary code execution (which is believed to be difficult).

An unauthenticated remote attacker can induce a double-free event, causing the KDC daemon to crash (denial of service), or to execute arbitrary code. Exploiting a double-free event to execute arbitrary code is believed to be difficult.

References

CVE Name CVE-2011-0284
URL http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt