The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.
References
Configurations
History
No history.
Information
Published : 2004-12-31 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2004-1189
Mitre link : CVE-2004-1189
CVE.ORG link : CVE-2004-1189
JSON object : View
Products Affected
mit
- kerberos_5
CWE
CWE-787
Out-of-bounds Write