Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-6143
HistoryJan 10, 2007 - 12:00 a.m.

CVE-2006-6143

2007-01-1000:00:00
CWE-824
mitre
web.nvd.nist.gov
32
rpc
kerberos 5
remote code execution
security vulnerability
nvd
cve-2006-6143

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.609

Percentile

97.8%

JSON

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Affected configurations

Nvd
Node
mitkerberos_5Match1.4
OR
mitkerberos_5Match1.4.1
OR
mitkerberos_5Match1.4.2
OR
mitkerberos_5Match1.4.3
OR
mitkerberos_5Match1.4.4
OR
mitkerberos_5Match1.5
OR
mitkerberos_5Match1.5.1
Node
canonicalubuntu_linuxMatch6.06
OR
canonicalubuntu_linuxMatch6.10
VendorProductVersionCPE
mitkerberos_51.5.1cpe:/a:mit:kerberos_5:1.5.1:::
mitkerberos_51.4cpe:/a:mit:kerberos_5:1.4:::
mitkerberos_51.4.3cpe:/a:mit:kerberos_5:1.4.3:::
mitkerberos_51.4.1cpe:/a:mit:kerberos_5:1.4.1:::
mitkerberos_51.5cpe:/a:mit:kerberos_5:1.5:::
mitkerberos_51.4.4cpe:/a:mit:kerberos_5:1.4.4:::
mitkerberos_51.4.2cpe:/a:mit:kerberos_5:1.4.2:::

References

Related

ubuntu 1
openvas 15
debiancve 1
cert 1
redhatcve 1
nessus 9
securityvulns 2
ubuntucve 1
nvd 1
cvelist 1
gentoo 1
fedora 4
suse 1
ubuntu
ubuntu
krb5 vulnerability
2007-01-16 00:00:00
openvas
openvas
Mandriva Update for krb5 MDKSA-2007:008 (krb5)
2009-04-09 00:00:00
Ubuntu: Security Advisory (USN-408-1)
2009-03-23 00:00:00
Mandriva Update for krb5 MDKSA-2007:008 (krb5)
2009-04-09 00:00:00
debiancve
debiancve
CVE-2006-6143
2007-01-10 00:00:00
cert
cert
Kerberos administration daemon fails to properly initialize function pointers
2007-01-09 00:00:00
redhatcve
redhatcve
CVE-2006-6143
2015-10-30 10:26:26
nessus
nessus
Mandrake Linux Security Advisory : krb5 (MDKSA-2007:008)
2007-02-18 00:00:00
Ubuntu 6.06 LTS / 6.10 : krb5 vulnerability (USN-408-1)
2007-11-10 00:00:00
openSUSE 10 Security Update : krb5 (krb5-2442)
2007-10-17 00:00:00
securityvulns
securityvulns
RPC library / MIT Kerberos kadmind uninitialized function pointer
2007-01-09 00:00:00
MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer
2007-01-09 00:00:00
ubuntucve
ubuntucve
CVE-2006-6143
2006-12-31 00:00:00
nvd
nvd
CVE-2006-6143
2006-12-31 05:00:00
cvelist
cvelist
CVE-2006-6143
2007-01-10 00:00:00
gentoo
gentoo
MIT Kerberos 5: Arbitrary Remote Code Execution
2007-01-24 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.3
2007-01-09 22:09:07
[SECURITY] Fedora Core 6 Update: krb5-1.5-13
2007-01-09 22:08:27
[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.4
2007-04-03 20:14:48
suse
suse
remote denial of service in krb5
2007-01-10 12:52:57

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.609

Percentile

97.8%

JSON
Related for CVE-2006-6143
ubuntu1openvas15debiancve1cert1redhatcve1nessus9securityvulns2ubuntucve1nvd1cvelist1gentoo1fedora4suse1