Computer Security
[EN] no-pyccku

RPC library / MIT Kerberos kadmind uninitialized function pointer
SecurityVulns ID:7025
Threat Level:
Description:Function call by uninitialized pointer in RPC server code allows code execution.
Affected:MIT : krb5 1.4
 MIT : krb5 1.5
CVE:CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.)
Original documentdocumentMIT, MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer (09.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod