CVE-2006-6143 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-6143
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-6143

Description: The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/31422 UBUNTU http://www.ubuntu.com/usn/usn-408-1 SUSE http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html ST 1017493 SAID Secunia Advisory: SA24966 Secunia Advisory: SA23903 Secunia Advisory: SA23772 Secunia Advisory: SA23667 Secunia Advisory: SA23707 Secunia Advisory: SA23706 Secunia Advisory: SA23696 Secunia Advisory: SA23701 OSVDB 31281 OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:008 GENTOO http://security.gentoo.org/glsa/glsa-200701-21.xml FEDORA http://fedoranews.org/cms/node/2375 http://fedoranews.org/cms/node/2376 CONFIRM http://docs.info.apple.com/article.html?artnum=305391 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt CERT-VN 481564 CERT http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.us-cert.gov/cas/techalerts/TA07-009B.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/456406/100/0/threaded BID 21970 APPLE http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

Return to the previous page.