Computer Security
[EN] securityvulns.ru no-pyccku


GSS-API library / MIT Kerberos kadmind (uninitialized pointer free)
Published:09.01.2007
Source:
SecurityVulns ID:7029
Type:remote
Threat Level:
8/10
Description:free() of unallocated memory pointer in mechglue GSS API layer.
Affected:MIT : krb5 1.5
CVE:CVE-2006-6144 (The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to free uninitialized pointers.)
Original documentdocumentMIT, MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers (09.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod