CVE-2006-5989

Published: Nov 20, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=136650

x_refsource_CONFIRM

23251

third-party-advisory

x_refsource_SECUNIA

23681

third-party-advisory

x_refsource_SECUNIA

DSA-1247

vendor-advisory

x_refsource_DEBIAN

21214

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206736

x_refsource_CONFIRM

23023

third-party-advisory

x_refsource_SECUNIA

23820

third-party-advisory

x_refsource_SECUNIA

RHSA-2006:0746

vendor-advisory

x_refsource_REDHAT

apache-modauthkerb-offbyone-bo(30456)

vdb-entry

x_refsource_XF

MDKSA-2006:218

vendor-advisory

x_refsource_MANDRIVA

1017348

vdb-entry

x_refsource_SECTRACK

ADV-2006-4633

vdb-entry

x_refsource_VUPEN

GLSA-200701-14

vendor-advisory

x_refsource_GENTOO

oval:org.mitre.oval:def:10051

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-5989

Description

Affected Products

References