← volver
CVE-2008-0063

CVE-2008-0063

EPSS 3.5%
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://docs.info.apple.com/article.html?artnum=307562http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.htmlhttp://secunia.com/advisories/29420http://secunia.com/advisories/29423http://secunia.com/advisories/29424http://secunia.com/advisories/29428http://secunia.com/advisories/29435http://secunia.com/advisories/29438http://secunia.com/advisories/29450http://secunia.com/advisories/29451http://secunia.com/advisories/29457