CVE-2006-6143

2006-12-3100:00:00

ubuntu.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.609

Percentile

97.8%

JSON

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as
used in Kerberos administration daemon (kadmind) and other products that
use this library, calls an uninitialized function pointer in freed memory,
which allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via unspecified vectors.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchkrb5< 1.4.3-5ubuntu0.6UNKNOWN
ubuntu6.10noarchkrb5< 1.4.3-9ubuntu1.5UNKNOWN
ubuntu7.04noarchkrb5< 1.4.4-5ubuntu3.3UNKNOWN