The RPC library in Kerberos 5 1.4 up to and including 1.4.4, and 1.5 up to and including 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mit kerberos 5 1.4 |
||
mit kerberos 5 1.4.1 |
||
mit kerberos 5 1.4.2 |
||
mit kerberos 5 1.4.3 |
||
mit kerberos 5 1.4.4 |
||
mit kerberos 5 1.5 |
||
mit kerberos 5 1.5.1 |
||
canonical ubuntu linux 6.10 |
||
canonical ubuntu linux 6.06 |