CVE-2004-0643
EPSS 0.14%
Description
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
How to fix CVE-2004-0643
To remediate CVE-2004-0643, upgrade the affected package to the fixed version listed below.
- Debian/krb5: upgrade to 1.3.4-3 or later
Is CVE-2004-0643 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.4-3