CVE-2006-6143
published 2006-12-31CVE-2006-6143: The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this…
PriorityP336critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
7.93%
94.0th percentile
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | krb5 | < krb5 1.4.4-6 (bookworm) | krb5 1.4.4-6 (bookworm) |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | kerberos_5 | — | — |
| mit | krb5 | >= 0 < 1.4.4-6 | 1.4.4-6 |
| mit | krb5 | >= 0 < 1.4.4-6 | 1.4.4-6 |
| mit | krb5 | >= 0 < 1.4.4-6 | 1.4.4-6 |
| mit | krb5 | >= 0 < 1.4.4-6 | 1.4.4-6 |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3HIGH
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f6jg-x7x7-48f4: The RPC library in Kerberos 5 1
ghsa_unreviewed·2022-05-01
CVE-2006-6143 [HIGH] CWE-824 GHSA-f6jg-x7x7-48f4: The RPC library in Kerberos 5 1
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
OSV
CVE-2006-6143: The RPC library in Kerberos 5 1
osv·2006-12-31·CVSS 9.3
CVE-2006-6143 [CRITICAL] CVE-2006-6143: The RPC library in Kerberos 5 1
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Ubuntu
krb5 vulnerability
vendor_ubuntu·2007-01-16
CVE-2006-6143 krb5 vulnerability
Title: krb5 vulnerability
Summary: krb5 vulnerability
The server-side portion of Kerberos' RPC library had a memory
management flaw which allowed users of that library to call a function
pointer located in unallocated memory. By doing specially crafted
calls to the kadmind server, a remote attacker could exploit this to
execute arbitrary code with root privileges on the target computer.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Debian
CVE-2006-6143: krb5 - The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used ...
vendor_debian·2006·CVSS 9.3
CVE-2006-6143 [CRITICAL] CVE-2006-6143: krb5 - The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used ...
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 1.4.4-6)
bullseye: resolved (fixed in 1.4.4-6)
forky: resolved (fixed in 1.4.4-6)
sid: resolved (fixed in 1.4.4-6)
trixie: resolved (fixed in 1.4.4-6)
Red Hat
CVE-2006-6143: The RPC library in Kerberos 5 1
vendor_redhat·CVSS 9.3
CVE-2006-6143 [CRITICAL] CVE-2006-6143: The RPC library in Kerberos 5 1
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Statement: Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 ship with versions of Kerberos 5 prior to version 1.4 and are therefore not affected by these vulnerabilities.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://docs.info.apple.com/article.html?artnum=305391http://fedoranews.org/cms/node/2375http://fedoranews.org/cms/node/2376http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.htmlhttp://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.htmlhttp://osvdb.org/31281http://secunia.com/advisories/23667http://secunia.com/advisories/23696http://secunia.com/advisories/23701http://secunia.com/advisories/23706http://secunia.com/advisories/23707http://secunia.com/advisories/23772http://secunia.com/advisories/23903http://secunia.com/advisories/24966http://security.gentoo.org/glsa/glsa-200701-21.xmlhttp://securitytracker.com/id?1017493http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txthttp://www.kb.cert.org/vuls/id/481564http://www.mandriva.com/security/advisories?name=MDKSA-2007:008http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.htmlhttp://www.securityfocus.com/archive/1/456406/100/0/threadedhttp://www.securityfocus.com/bid/21970http://www.ubuntu.com/usn/usn-408-1http://www.us-cert.gov/cas/techalerts/TA07-009B.htmlhttp://www.us-cert.gov/cas/techalerts/TA07-109A.htmlhttp://www.vupen.com/english/advisories/2007/0111http://www.vupen.com/english/advisories/2007/1470https://exchange.xforce.ibmcloud.com/vulnerabilities/31422https://issues.rpath.com/browse/RPL-925http://docs.info.apple.com/article.html?artnum=305391http://fedoranews.org/cms/node/2375http://fedoranews.org/cms/node/2376http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.htmlhttp://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.htmlhttp://osvdb.org/31281http://secunia.com/advisories/23667http://secunia.com/advisories/23696http://secunia.com/advisories/23701http://secunia.com/advisories/23706http://secunia.com/advisories/23707http://secunia.com/advisories/23772http://secunia.com/advisories/23903http://secunia.com/advisories/24966http://security.gentoo.org/glsa/glsa-200701-21.xmlhttp://securitytracker.com/id?1017493http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txthttp://www.kb.cert.org/vuls/id/481564http://www.mandriva.com/security/advisories?name=MDKSA-2007:008http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.htmlhttp://www.securityfocus.com/archive/1/456406/100/0/threadedhttp://www.securityfocus.com/bid/21970http://www.ubuntu.com/usn/usn-408-1http://www.us-cert.gov/cas/techalerts/TA07-009B.htmlhttp://www.us-cert.gov/cas/techalerts/TA07-109A.htmlhttp://www.vupen.com/english/advisories/2007/0111http://www.vupen.com/english/advisories/2007/1470https://exchange.xforce.ibmcloud.com/vulnerabilities/31422https://issues.rpath.com/browse/RPL-925
2006-12-31
Published