The Kerberos 4 support in the KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."

| Software (vendor / product) | Affected from | Fixed in |
|---|---|---|
| mit / kerberos_5 | - | 1.6.3.x |
| apple / mac_os_x | - | 10.4.11 |
| apple / mac_os_x | 10.5.0 | 10.5.2 |
| apple / mac_os_x_server | - | 10.4.11 |
| apple / mac_os_x_server | 10.5.0 | 10.5.2 |
| opensuse / opensuse | 10.2 | 10.2.x |
| opensuse / opensuse | 10.3 | 10.3.x |
| suse / linux_enterprise_software_development_kit | 10-sp1 | 10-sp1.x |
| suse / linux_enterprise_server | 10-sp1 | 10-sp1.x |
| suse / linux_enterprise_desktop | 10-sp1 | 10-sp1.x |
| suse / linux | 10.1 | 10.1.x |
| debian / debian_linux | 3.1 | 3.1.x |
| debian / debian_linux | 4.0 | 4.0.x |
| canonical / ubuntu_linux | 7.04 | 7.04.x |
| canonical / ubuntu_linux | 7.10 | 7.10.x |
| canonical / ubuntu_linux | 6.10 | 6.10.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |
| fedoraproject / fedora | 8 | 8.x |
| fedoraproject / fedora | 7 | 7.x |