Fedora Core 6 : krb5-1.5-22.fc6 (2007-690)

This update incorporates fixes for a stack overflow in the rpcsecgss implementation in libgssrpc CVE-2007-3999 and a potential write through an uninitialized pointer in kadmind CVE-2007-4000. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

RHEL 5 : krb5 (RHSA-2007:0858)

Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to...

krb5 kadmind uninitialized pointer

No description is available for this CVE...

Important: Red Hat Security Advisory: krb5 security update

Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 07 Sep 2007 The initial fix for CVE-2007-3999 was found to be incomplete. Packages have...

Important: krb5 security update

1.5-28 - add preliminary patch to fix buffer overflow in rpcsecgss implementation in libgssrpc 250973, CVE-2007-3999 and write through uninitialized pointer in kadmind 250976, CVE-2007-4000...

CVE-2007-4639

EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbgcreatelistener, which allows remote authenticated users to cause a denial of service daemon crash and possibly execute arbitrary code via a SELECT statement that invokes a...

CVE-2007-4639

EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbgcreatelistener, which allows remote authenticated users to cause a denial of service daemon crash and possibly execute arbitrary code via a SELECT statement that invokes a...

EnterpriseDB Advanced Server 8.2 - Uninitialized Pointer

EnterpriseDB Advanced Server 8.2 - Uninitialized Pointer source: https://www.securityfocus.com/bid/25481/info EnterpriseDB Advanced Server is prone to an uninitialized-pointer vulnerability. Authenticated attackers can exploit this issue to cause denial-of-service conditions. Given the nature of...

EnterpriseDB Advanced Server 8.2 - Uninitialized Pointer

source: https://www.securityfocus.com/bid/25481/info EnterpriseDB Advanced Server is prone to an uninitialized-pointer vulnerability. Authenticated attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this vulnerability, remote code execution may also be...

MIT Kerberos multiple security vulnerabilities

kadmind stack-based buffer overflow, buffer overflow and uninitialized pointer free in RPC library...

RHEL 2.1 / 3 : krb5 (RHSA-2007:0384)

Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to...

Mandrake Linux Security Advisory : krb5 (MDKSA-2007:137)

David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code CVE-2007-2442. David Coffey also discovered an overflow flaw...

CVE-2007-2442

The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...

Design/Logic Flaw

The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...

DEBIAN-CVE-2007-2442

The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...

CVE-2007-2442

The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...

krb5 RPC library unitialized pointer free

The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...

krb5 RPC library unitialized pointer free

The gssrpcsvcauthgssapi function in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup...

MIT Kerberos kadmind RPC library gssrpc__svcauth_gssapi() uninitialized pointer free vulnerability

Overview The MIT Kerberos administration daemon kadmind can free an uninitialized pointer, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description The gssrpcsvcauthgssapi function used by the Kerberos administration daemon can free an...

iDefense Security Advisory 03.23.07: Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability

Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability iDefense Security Advisory 03.23.07 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 23, 2007 I. BACKGROUND Sun Java System Directory Server is an LDAP server distributed by Sun with multiple...