krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)
An information disclosure flaw was found in the way MIT Kerberos RPCSECGSS implementation libgssrpc handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application...