Candidate: CVE-2008-0062
References:
 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
 https://ubuntu.com/security/notices/USN-587-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
PublicDate: 2008-03-19 10:44:00 UTC
Description:
 KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some
 krb4 message types, which allows remote attackers to cause a denial of
 service (crash) and possibly execute arbitrary code via crafted messages
 that trigger a NULL pointer dereference or double-free.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_krb5:
upstream_krb5: pending (1.6.4)
dapper_krb5: released (1.4.3-5ubuntu0.7)
edgy_krb5: released (1.4.3-9ubuntu1.6)
feisty_krb5: released (1.4.4-5ubuntu3.4)
gutsy_krb5: released (1.6.dfsg.1-7ubuntu0.1)
devel_krb5: released (1.6.dfsg.3~beta1-2ubuntu1)