Sun Microsystems Inc. Information for VU#259798
MIT Kerberos 5 allows unauthenticated attacker to cause MIT krb5 Key Distribution Center to free unallocated memory
Sun is affected by the two Kerberos vulnerabilities described in MIT Advisory MITKRB5-SA-2005-002 and CERT VU#259798 and VU#885830. Sun has published Sun Alert 101809 which is available here:
for these issues.
The Sun Alert is currently unresolved but will be updated once either IDRs or T-patches are available on SunSolve. The Sun Alert will ultimately be updated with the released patch information for the final resolution.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.