ID CVE-2006-6143
Summary The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:mit:kerberos:5-1.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos:5-1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos:5-1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos:5-1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos:5-1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos:5-1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mit:kerberos:5-1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:mit:kerberos:5-1.5.1:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 17-10-2018 - 21:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
apple APPLE-SA-2007-04-19
bid 21970
bugtraq 20070109 MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer
cert
  • TA07-009B
  • TA07-109A
cert-vn VU#481564
confirm
fedora
  • FEDORA-2007-033
  • FEDORA-2007-034
gentoo GLSA-200701-21
mandriva MDKSA-2007:008
openpkg OpenPKG-SA-2007.006
osvdb 31281
sectrack 1017493
secunia
  • 23667
  • 23696
  • 23701
  • 23706
  • 23707
  • 23772
  • 23903
  • 24966
suse SUSE-SA:2007:004
ubuntu USN-408-1
vupen
  • ADV-2007-0111
  • ADV-2007-1470
xf kerberos-rpc-code-execution(31422)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 ship with versions of Kerberos 5 prior to version 1.4 and are therefore not affected by these vulnerabilities. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 17-10-2018 - 21:46
Published 31-12-2006 - 05:00
Back to Top