CVE-2008-0063 - CVE Reference - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

CVE Reference: CVE-2008-0063

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0063

Description: The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-587-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html ST 1019627 SAID Secunia Advisory: SA29435 Secunia Advisory: SA29420 Secunia Advisory: SA29438 Secunia Advisory: SA29428 Secunia Advisory: SA29450 Secunia Advisory: SA29451 Secunia Advisory: SA29457 Secunia Advisory: SA29464 Secunia Advisory: SA29423 Secunia Advisory: SA29462 Secunia Advisory: SA29516 Secunia Advisory: SA29663 Secunia Advisory: SA29424 Secunia Advisory: SA30535 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0182.html http://www.redhat.com/support/errata/RHSA-2008-0181.html http://www.redhat.com/support/errata/RHSA-2008-0180.html http://www.redhat.com/support/errata/RHSA-2008-0164.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:070 http://www.mandriva.com/security/advisories?name=MDVSA-2008:071 http://www.mandriva.com/security/advisories?name=MDVSA-2008:069 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200803-31.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1524 CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0009.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022542.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022520.html http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112 http://docs.info.apple.com/article.html?artnum=307562 http://wiki.rpath.com/Advisories:rPSA-2008-0112 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded http://www.securityfocus.com/archive/1/489761 BID 28303 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows DNS Spoofing Vulnerabilities

2.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

3.	Microsoft Windows Explorer Saved Search Vulnerability

4.	Microsoft SQL Server and MSDE Multiple Vulnerabilities

5.	Joomla Unauthorized Access Vulnerabilities

6.	Microsoft Outlook Web Access Script Insertion Vulnerabilities

7.	Mozilla Firefox Multiple Vulnerabilities

8.	Symantec Brightmail AntiSpam Notifier Denial of Service

9.	Poppler "pageWidgets" Uninitialized Memory Access

10.	Neutrino Atomic Edition Security Bypass Vulnerability