Back to search
CVE-2006-6144
Published: Jan 10, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to free uninitialized pointers.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
kerberos-gssapi-code-execution(31417)
vdb-entry
x_refsource_XF
102772
vendor-advisory
x_refsource_SUNALERT
201294
vendor-advisory
x_refsource_SUNALERT
TA07-009B
third-party-advisory
x_refsource_CERT
23690
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2007:004
vendor-advisory
x_refsource_SUSE
1017494
vdb-entry
x_refsource_SECTRACK
23706
third-party-advisory
x_refsource_SECUNIA
20070109 MITKRB5-SA-2006-003: kadmind (via GSS-API lib) frees uninitialized pointers
mailing-list
x_refsource_BUGTRAQ
23903
third-party-advisory
x_refsource_SECUNIA
GLSA-200701-21
vendor-advisory
x_refsource_GENTOO
OpenPKG-SA-2007.006
vendor-advisory
x_refsource_OPENPKG
FEDORA-2007-033
vendor-advisory
x_refsource_FEDORA
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-003-mechglue.txt
x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-925
x_refsource_CONFIRM
ADV-2007-0112
vdb-entry
x_refsource_VUPEN
31280
vdb-entry
x_refsource_OSVDB
35151
third-party-advisory
x_refsource_SECUNIA
21975
vdb-entry
x_refsource_BID
ADV-2007-0111
vdb-entry
x_refsource_VUPEN
VU#831452
third-party-advisory
x_refsource_CERT-VN
23701
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now