5 matches found
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 : krb5 vulnerabilities (USN-940-1)
It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service. Only Ubuntu 6.06 LTS was affected. CVE-2007-5902,...
USN-924-1: Kerberos vulnerabilities
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. CVE-2010-0629 It was discovered that Kerberos did not correctly free memory ...
SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4852)
This update fixes multiple vulnerabilities in krb5. It's unlikely that those vulnerabilities can actually be exploited. CVE-2007-5894 / CVE-2007-5902 / CVE-2007-5971 / CVE-2007-5972 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
CVE-2007-5972
Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...
CVE-2007-5972
Double free vulnerability in the krb5defstoremkey function in lib/kdb/kdbdefault.c in MIT Kerberos 5 krb5 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store...