CVE-2006-6143

2006-12-3100:00:00

ubuntu.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.609 Medium

EPSS

Percentile

97.7%

JSON

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as
used in Kerberos administration daemon (kadmind) and other products that
use this library, calls an uninitialized function pointer in freed memory,
which allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via unspecified vectors.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchkrb5< 1.4.3-5ubuntu0.6UNKNOWN
ubuntu6.10noarchkrb5< 1.4.3-9ubuntu1.5UNKNOWN
ubuntu7.04noarchkrb5< 1.4.4-5ubuntu3.3UNKNOWN