Description
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
References (6)
Core 6
Core References
Various Sources x_refsource_confirm
http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2000-11.html
Various Sources third-party-advisory
government-resource
x_refsource_ciac
http://ciac.llnl.gov/ciac/bulletins/k-051.shtml
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-031.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1465
Scores
EPSS
0.0307
EPSS Percentile
86.9%
Details
Status
published
Products (6)
cygnus/cygnus_network_security
4.0
cygnus/kerbnet
5.0
mit/kerberos
4.0
mit/kerberos_5
1.0
mit/kerberos_5
1.1
mit/kerberos_5
1.1.1
Published
Jun 09, 2000
Tracked Since
Feb 18, 2026