Candidate: CVE-2008-0063
References: 
 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
 https://ubuntu.com/security/notices/USN-587-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
PublicDate: 2008-03-19 10:44:00 UTC
Description:
 The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly
 clear the unused portion of a buffer when generating an error message,
 which might allow remote attackers to obtain sensitive information, aka
 "Uninitialized stack values."
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_krb5:
upstream_krb5: pending (1.6.4)
dapper_krb5: released (1.4.3-5ubuntu0.7)
edgy_krb5: released (1.4.3-9ubuntu1.6)
feisty_krb5: released (1.4.4-5ubuntu3.4)
gutsy_krb5: released (1.6.dfsg.1-7ubuntu0.1)
devel_krb5: released (1.6.dfsg.3~beta1-2ubuntu1)