Description
Wei Wang discovered that the krb5 RPC library did not correctly handle
certain error conditions. A remote attacker could cause kadmind to free
an uninitialized pointer, leading to a denial of service or possibly
execution of arbitrary code with root privileges. (CVE-2007-2442)
Wei Wang discovered that the krb5 RPC library did not correctly check
the size of certain communications. A remote attacker could send a
specially crafted request to kadmind and execute arbitrary code with
root privileges. (CVE-2007-2443)
It was discovered that the kadmind service could be made to overflow its
stack. A remote attacker could send a specially crafted request and
execute arbitrary code with root privileges. (CVE-2007-2798)