APP: Kerberos Heap Double Free
This signature detects attempts to exploit a known "double free" vulnerability in the Kerberos protocol. A successful attack can lead to remote arbitrary code execution. Note: this signature should not be utilized on a network running Kerberos 5 1.1 or higher.
Extended Description
MIT Kerberos 5 is prone to a remote double-free vulnerability. Remote attackers can trigger this issue prior to any authentication whatsoever. The issue exists in the 'revcauth_common()' helper function. Because of the code path taken in the vulnerable function, exploitation may be hindered. However, attackers may presumably leverage this issue to execute arbitrary code in the context of the affected service. Note that successful exploitation of this issue on a Kerberos Key Distribution Center (KDC) computer may result in the compromise of an entire Kerberos realm.
Affected Products
Mandriva corporate_server
References
BugTraq: 14239
CVE: CVE-2005-1689
URL: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt http://www.kb.cert.org/vuls/id/623332
Short Name
APP:KERBEROS:DBLFREE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2005-1689 Double Free Heap Kerberos bid:14239
Release Date
07/18/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
Port
TCP/543
False Positive
Unknown
Vendors
Red_hat
Conectiva
Suse
Gentoo
Trustix
Sun
Hp
Turbolinux
Mit
Sgi
Ubuntu
Mandriva
Debian
Apple
CVSS Score
7.5