KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-03-19T10:00:00
Updated: 2018-10-15T20:57:01
Reserved: 2008-01-03T00:00:00
Link: CVE-2008-0062
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-03-19T10:44:00.000
Modified: 2024-02-09T00:42:52.807
Link: CVE-2008-0062
JSON object: View
Redhat Information
No data.
CWE