2 matches found
krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation XDR data. An authenticated user could use this flaw to crash the MIT Kerberos administration server kadmind, or other applications using Kerberos libraries, using specially crafted XDR packets...
krb5: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001)
A buffer overflow was found in the KADM5 administration server kadmind when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind...