VDB

GCVE-110-CERTCC-2004-350792

GCVE-110-CERTCC-2004-350792
Advisory Published
Vulnetix · Advisory published August 31, 2004
The MIT Kerberos krb524d daemon does not securely deallocate heap memory when handling an error condition, resulting in a double-free vulnerability. An unauthenticated, remote attacker could execute arbitrary code on a system running krb524d, which in many cases is also a Kerberos Distribution Center (KDC). The compromise of a KDC system can lead to the compromise of an entire Kerberos realm. An attacker may also be able to cause a denial of service on a system running krb524d.

Risk Scores

certcc-cam
certcc-cam
impact20population9exploitation0widely_known15score_current10.276875ease_of_exploitation7

Aliases

Transitive aliases

EUVD-2004-0643GHSA-2288-xjpv-v6jhBDU:2015-08138EUVD-2002-1134DEBIAN-CVE-2003-0138CERTCC-2002-684563CVE-2003-0041BDU:2015-03374RHSA-2002:173CVE-2001-0554BDU:2015-08008DEBIAN-CVE-2004-0642ANCHORE-2003-0072CERTCC-2001-745371DSA-143BDU:2015-09453BDU:2015-08011BDU:2015-08136BDU:2015-07993ANCHORE-2001-0554DEBIAN-CVE-2002-0651RHSA-2002:197BDU:2015-08013RHSA-2003:052DEBIAN-CVE-2003-0059EUVD-2003-0054GHSA-29c9-5v6h-437jRHSA-2002:139DEBIAN-CVE-2003-0072BDU:2015-03369EUVD-2002-0645EUVD-2002-0397RHSA-2003:089BDU:2015-07908cisco-sa-20020903-vpn3k-vulnerabilityGHSA-2qf2-q2gj-r6v2BDU:2015-07995GHSA-h6r9-m8w5-h766CERTCC-2002-542971GHSA-7h7w-5gqf-34vmRHSA-2004:448CERTCC-2002-587579DEBIAN-CVE-2002-1235RHSA-2002:172GHSA-r94v-226p-r77gEUVD-2001-0546GHSA-5wqg-rq3v-7fw3GHSA-qcm3-q3pj-vw39CVE-2003-0028BDU:2015-03359DEBIAN-CVE-2002-0391BDU:2015-08010CVE-2003-0058GHSA-4hr3-85ww-cj5wCERTCC-2003-442569BDU:2015-08009CVE-2003-0689EUVD-2002-1219EUVD-2002-0388GHSA-844m-mj4w-qff2cisco-sa-20040831-krb5BDU:2015-03375RHSA-2002:242CVE-2003-0139BDU:2015-07998DSA-266RHSA-2002:167EUVD-2003-0135CVE-2002-1146BDU:2015-03366RHSA-2003:154GHSA-w4pr-xjh8-387gGHSA-235q-hvh2-g375CVE-2003-0859BDU:2015-03361GSD-2004-0644DEBIAN-CVE-2002-1146BDU:2015-08133CVE-2002-0684GSD-2002-0651GSD-2003-0689CVE-2004-0642DSA-269VAR-200108-0064BDU:2015-02178CERTCC-2002-803539CERTCC-2002-738331BDU:2015-08000DEBIAN-CVE-2004-0644GSD-2002-1235DSA-183BDU:2015-03360RHSA-2003:021BDU:2015-08007BDU:2015-07999GSD-2001-0169GHSA-3hqp-jxgp-f6jmBDU:2015-06282BDU:2015-08137RHSA-2003:168BDU:2015-03367BDU:2015-06289DSA-543-1RHSA-2001:100CERTCC-2004-866472BDU:2015-08143RHSA-2004:350BDU:2015-08141BDU:2015-08142BDU:2015-07997DEBIAN-CVE-2002-0684BDU:2015-08012EUVD-2004-0641BDU:2015-08146CVE-2002-1235BDU:2015-06293EUVD-2003-0055BDU:2015-03363CISA-2002-0391EUVD-2003-0850DEBIAN-CVE-2004-0772DEBIAN-CVE-2003-0139EUVD-2001-0169CVE-2003-0138EUVD-2004-0642GHSA-r4jv-xp6w-68qpGSD-2004-0643GHSA-49gw-mv8v-c8mpGHSA-mfh7-xj2q-5w6vBDU:2015-03362DSA-142RHSA-2003:325VAR-200312-0226EUVD-2003-0134cisco-sa-20020129-catos-telrcvCERTCC-2002-739123CVE-2002-0651BDU:2015-08132DEBIAN-CVE-2003-0082GSD-2001-0886BDU:2015-08144EUVD-2002-0036GSD-2003-0028BDU:2015-03371DSA-149CERTCC-2004-550464EUVD-2003-0068CVE-2002-0391BDU:2015-08001GSD-2002-1146DSA-184DSA-333GHSA-9vx5-gccr-9gr3RHSA-2002:250RHSA-2002:133GHSA-6w68-qf8p-27phCVE-2003-0072BDU:2015-08134CERTCC-2002-192995EUVD-2001-0869DSA-282BDU:2015-03370CVE-2001-0169GHSA-qxpj-m267-3648CERTCC-2003-623217BDU:2015-08005BDU:2015-07910DSA-146CERTCC-2001-386504BDU:2015-08003ANCHORE-2003-0082DSA-185BDU:2015-03364GSD-2003-0859DEBIAN-CVE-2003-0689EUVD-2004-0770CERTCC-2002-875073EUVD-2003-0040BDU:2015-08002BDU:2015-08135BDU:2015-08004DEBIAN-CVE-2004-0643GSD-2004-0642CVE-2001-0886BDU:2015-03713BDU:2015-07909GHSA-p9j8-4q5m-jqv4CERTCC-2002-661243RHSA-2003:212BDU:2015-03365BDU:2015-07996CERTCC-2004-795632BDU:2015-07911BDU:2015-08145CVE-2002-0400GHSA-gh6c-7j72-v6m8RHSA-2003:051BDU:2015-07994RHSA-2002:119RHSA-2003:020GHSA-cxg3-hwc8-9mx4GSD-2001-0554BDU:2015-08147BDU:2015-03368RHSA-2003:022DSA-273BDU:2015-06285BDU:2015-08139EUVD-2003-0078CERTCC-2003-516825BDU:2015-08006EUVD-2003-0028DEBIAN-CVE-2003-0028GHSA-q58h-j692-6gh6DEBIAN-CVE-2003-0058DSA-272BDU:2015-03372RHSA-2003:249CVE-2002-0036RHSA-2003:091BDU:2015-02971EUVD-2002-0678EUVD-2003-0680CVE-2003-0059GHSA-8wgq-vhc2-3cqcCVE-2004-0643CVE-2003-0082RHSA-2003:090BDU:2015-03373CVE-2004-0644

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›