Ubuntu Security Notice 940-1 - It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service.
3a1b15d7feb5baa1e9ef51b23ea5560f739645a55f3ec4b92a3235d5043a3820
Ubuntu Security Notice 924-1 - Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service.
bc9bb711c2b8a35f6d930697ac516ed74fe77679f83777bc8331d5e84ba5e977
Gentoo Linux Security Advisory GLSA 200803-31 - Two vulnerabilities were found in the Kerberos 4 support in KDC: a global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free(); and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply. Versions less than 1.6.3-r1 are affected.
687a1a18cfdf1045b45102f44dfce14c62dc95331cc6d0cad7c2e5ba130147ae
Mandriva Linux Security Advisory - Multiple memory management flaws, a Kerberos v4 protocol packet handling issue, and various other vulnerabilities relating to krb5 are addressed in this advisory.
fc277ea7c60148b444544fab9d8240618ecf77044de176d49396dda8e3ea9193
Mandriva Linux Security Advisory - Multiple memory management flaws, a Kerberos v4 protocol packet handling issue, and various other vulnerabilities relating to krb5 are addressed in this advisory.
b9c93daed1f0633ea2aa214260c2d51bcb53b668537703dd134574d341ceca5f
MIT Kerberos 5 suffers from multiple vulnerabilities including an integer overflow and some double-free flaws.
d412d721c9d589618860fd3f0f92f51298792b44d1eb88d7790031200454c494