Home > Vulnerability Database > CVE-2006-6143

Mend.io Vulnerability Database

CVE-2006-6143

Date: January 9, 2007

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Severity Score

8.1

Related Resources (31)

Url: http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html

Url: http://www.vupen.com/english/advisories/2007/0111

Url: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-6143

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:008

Url: http://securitytracker.com/id?1017493

Url: http://secunia.com/advisories/24966

Url: http://www.ubuntu.com/usn/usn-408-1

Url: http://www.kb.cert.org/vuls/id/481564

Url: http://security.gentoo.org/glsa/glsa-200701-21.xml

Url: http://secunia.com/advisories/23772

Url: http://secunia.com/advisories/23696

Url: http://www.securityfocus.com/bid/21970

Url: http://docs.info.apple.com/article.html?artnum=305391

Url: http://www.securityfocus.com/archive/1/456406/100/0/threaded

Url: http://secunia.com/advisories/23707

Url: http://secunia.com/advisories/23706

Url: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html

Url: http://www.vupen.com/english/advisories/2007/1470

Url: http://www.us-cert.gov/cas/techalerts/TA07-009B.html

Url: http://osvdb.org/31281

Url: http://secunia.com/advisories/23701

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/31422

Url: http://secunia.com/advisories/23667

Url: http://secunia.com/advisories/23903

Url: https://issues.rpath.com/browse/RPL-925

Url: http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html

Url: http://fedoranews.org/cms/node/2375

Url: http://fedoranews.org/cms/node/2376

Url: http://www.us-cert.gov/cas/techalerts/TA07-109A.html

Url: https://www.mend.io/vulnerability-database/CVE-2006-6143

Severity Score

8.1

Weakness Type (CWE)

Access of Uninitialized Pointer

CWE-824

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-6143

Date: January 9, 2007

Severity Score

Related Resources (31)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?