mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
CVE-2008-0063
Description
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
POC
Reference
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html
Github
No PoCs found on GitHub currently.