Описание
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.3-5ubuntu0.6 |
| devel | released | 1.6.dfsg.1-7 |
| edgy | released | 1.4.3-9ubuntu1.5 |
| feisty | released | 1.4.4-5ubuntu3.3 |
| upstream | needs-triage |
Показывать по
EPSS
8.3 High
CVSS2
Связанные уязвимости
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
Integer signedness error in the gssrpc__svcauth_unix function in svc_a ...
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
ELSA-2007-0562: Important: krb5 security update (IMPORTANT)
EPSS
8.3 High
CVSS2