Описание
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
Ссылки
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Mailing ListThird Party Advisory
- Third Party Advisory
- Broken Link
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
10 Critical
CVSS2
Дефекты
Связанные уязвимости
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos ...
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
ELSA-2007-0562: Important: krb5 security update (IMPORTANT)
EPSS
10 Critical
CVSS2