|
|
CVE Reference: CVE-2006-5989 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5989 |
|
|
Description: Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/30456 ST 1017348 SAID Secunia Advisory: SA23023 Secunia Advisory: SA23251 Secunia Advisory: SA23681 Secunia Advisory: SA23820 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0746.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10051 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:218 GENTOO http://security.gentoo.org/glsa/glsa-200701-14.xml DEBIAN http://www.debian.org/security/2007/dsa-1247 CONFIRM BID 21214 |
|
| Return to the previous page. |
