Ubuntu Security Notice 940-1 - It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC or kadmind services to crash, leading to a denial of service.
3a1b15d7feb5baa1e9ef51b23ea5560f739645a55f3ec4b92a3235d5043a3820Ubuntu Security Notice 924-1 - Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service.
bc9bb711c2b8a35f6d930697ac516ed74fe77679f83777bc8331d5e84ba5e977Gentoo Linux Security Advisory GLSA 200803-31 - Two vulnerabilities were found in the Kerberos 4 support in KDC: A global variable is not set for some incoming message types, leading to a NULL pointer dereference or a double free() and unused portions of a buffer are not properly cleared when generating an error message, which results in stack content being contained in a reply. Versions less than 1.6.3-r1 are affected.
687a1a18cfdf1045b45102f44dfce14c62dc95331cc6d0cad7c2e5ba130147aeMandriva Linux Security Advisory - Multiple memory management flaws, a Kerberos v4 protocol packet handling issue, and various other vulnerabilities relating to krb5 are addressed in this advisory.
fc277ea7c60148b444544fab9d8240618ecf77044de176d49396dda8e3ea9193Mandriva Linux Security Advisory - Multiple memory management flaws, a Kerberos v4 protocol packet handling issue, and various other vulnerabilities relating to krb5 are addressed in this advisory.
b9c93daed1f0633ea2aa214260c2d51bcb53b668537703dd134574d341ceca5fMIT Kerberos 5 suffers from multiple vulnerabilities including an integer overflow and some double-free flaws.
d412d721c9d589618860fd3f0f92f51298792b44d1eb88d7790031200454c494
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed