• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

MIT Kerberos 5 kadmind Server Uninitialized Pointer Remote Code Execution Vulnerability

Kerberos 5 'kadmind' (Kerberos Administration Daemon) server is prone to a remote code-execution vulnerability because of an uninitialized pointer.

An authenticated attacker can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed attacks will cause denial-of-service conditions.

All 'kadmind' servers run on the master Kerberos server. Since the master server holds the KDC principal and policy database, an attack may not only compromise the affected computer, but could also compromise multiple hosts that use the server for authentication.

Kerberos 5 'kadmind' 1.5 through 1.6.2 are vulnerable.