CVE-2006-6144 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-6144
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-6144

Description: The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to free uninitialized pointers.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/31417 SUSE http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-201294-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102772-1 ST 1017494 SAID Secunia Advisory: SA23706 Secunia Advisory: SA23903 Secunia Advisory: SA35151 Secunia Advisory: SA23690 Secunia Advisory: SA23701 OSVDB 31280 OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html GENTOO http://security.gentoo.org/glsa/glsa-200701-21.xml FEDORA http://fedoranews.org/cms/node/2375 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-003-mechglue.txt CERT-VN 831452 CERT http://www.us-cert.gov/cas/techalerts/TA07-009B.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/456409/100/0/threaded BID 21975

Return to the previous page.