Computer Security
[EN] securityvulns.ru no-pyccku


RPC library / MIT Kerberos kadmind uninitialized function pointer
Published:09.01.2007
Source:
SecurityVulns ID:7025
Type:remote
Threat Level:
9/10
Description:Function call by uninitialized pointer in RPC server code allows code execution.
Affected:MIT : krb5 1.4
 MIT : krb5 1.5
CVE:CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.)
Original documentdocumentMIT, MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer (09.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod