The Kerberos administration daemon fails to properly initialize pointers. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service.
A vulnerability exists in the way the Kerberos administration daemon handles pointers that may allow a remote, unauthenticated user to execute arbitrary code. According to MIT krb5 Security Advisory 2006-002:
The Kerberos administration daemon, "kadmind", can execute arbitrary code by calling through a function pointer located in freed memory. This vulnerability results from bugs in the server-side portion of the RPC library.
A remote, unauthenticated user may be able to execute arbitrary code resulting in the compromise of the Kerberos key database or cause a denial of service.
This issue is addressed in MIT krb5 Security Advisory 2006-002. MIT credits Andrew Korty from Indiana University for reporting this issue.
This document was written by Chris Taschner.
|Date First Published:||2007-01-09|
|Date Last Updated:||2007-05-10 14:42 UTC|