CVE-2004-1189

EPSS 0.09%

krb5 - buffer overflow

Published: 12/31/2004Modified: 3/9/2026

Also known as:DSA-629-1DEBIAN-CVE-2004-1189

Description

The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.

Affected packages (2)

Debian/krb5from 0, < 1.3.6-1
Debian/krb5from 0, < 1.2.4-5woody7

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1189