Total vulnerabilities in the database
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
| Software | From | Fixed in |
|---|---|---|
| mit / kerberos_5 | - | 1.6.1.x |
| debian / debian_linux | 3.1 | 3.1.x |
| debian / debian_linux | 4.0 | 4.0.x |
| canonical / ubuntu_linux | 7.04 | 7.04.x |
| canonical / ubuntu_linux | 6.10 | 6.10.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |