CVE
- Id
- 30180
- CVE No.
- CVE-2008-0063
- Status
- Candidate
- Description
- The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
- Phase
- Assigned (20080103)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 319912 | 30180 | CVE-2008-0063 | BUGTRAQ:20080318 MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc | View |
| 319913 | 30180 | CVE-2008-0063 | URL:http://www.securityfocus.com/archive/1/489761 | View |
| 319914 | 30180 | CVE-2008-0063 | BUGTRAQ:20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation | View |
| 319915 | 30180 | CVE-2008-0063 | URL:http://www.securityfocus.com/archive/1/archive/1/489883/100/0/threaded | View |
| 319916 | 30180 | CVE-2008-0063 | BUGTRAQ:20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues | View |
| 319917 | 30180 | CVE-2008-0063 | URL:http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded | View |
| 319918 | 30180 | CVE-2008-0063 | CONFIRM:http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt | View |
| 319919 | 30180 | CVE-2008-0063 | CONFIRM:http://docs.info.apple.com/article.html?artnum=307562 | View |
| 319920 | 30180 | CVE-2008-0063 | CONFIRM:http://wiki.rpath.com/Advisories:rPSA-2008-0112 | View |
| 319921 | 30180 | CVE-2008-0063 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112 | View |
| 319922 | 30180 | CVE-2008-0063 | CONFIRM:http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022520.html | View |
| 319923 | 30180 | CVE-2008-0063 | CONFIRM:http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022542.html | View |
| 319924 | 30180 | CVE-2008-0063 | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2008-0009.html | View |
| 319925 | 30180 | CVE-2008-0063 | APPLE:APPLE-SA-2008-03-18 | View |
| 319926 | 30180 | CVE-2008-0063 | URL:http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html | View |
| 319927 | 30180 | CVE-2008-0063 | DEBIAN:DSA-1524 | View |
| 319928 | 30180 | CVE-2008-0063 | URL:http://www.debian.org/security/2008/dsa-1524 | View |
| 319929 | 30180 | CVE-2008-0063 | FEDORA:FEDORA-2008-2637 | View |
| 319930 | 30180 | CVE-2008-0063 | URL:https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html | View |
| 319931 | 30180 | CVE-2008-0063 | FEDORA:FEDORA-2008-2647 | View |
| 319932 | 30180 | CVE-2008-0063 | URL:https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html | View |
| 319933 | 30180 | CVE-2008-0063 | GENTOO:GLSA-200803-31 | View |
| 319934 | 30180 | CVE-2008-0063 | URL:http://www.gentoo.org/security/en/glsa/glsa-200803-31.xml | View |
| 319935 | 30180 | CVE-2008-0063 | MANDRIVA:MDVSA-2008:070 | View |
| 319936 | 30180 | CVE-2008-0063 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:070 | View |
| 319937 | 30180 | CVE-2008-0063 | MANDRIVA:MDVSA-2008:071 | View |
| 319938 | 30180 | CVE-2008-0063 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:071 | View |
| 319939 | 30180 | CVE-2008-0063 | MANDRIVA:MDVSA-2008:069 | View |
| 319940 | 30180 | CVE-2008-0063 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:069 | View |
| 319941 | 30180 | CVE-2008-0063 | REDHAT:RHSA-2008:0164 | View |
| 319942 | 30180 | CVE-2008-0063 | URL:http://www.redhat.com/support/errata/RHSA-2008-0164.html | View |
| 319943 | 30180 | CVE-2008-0063 | REDHAT:RHSA-2008:0180 | View |
| 319944 | 30180 | CVE-2008-0063 | URL:http://www.redhat.com/support/errata/RHSA-2008-0180.html | View |
| 319945 | 30180 | CVE-2008-0063 | REDHAT:RHSA-2008:0181 | View |
| 319946 | 30180 | CVE-2008-0063 | URL:http://www.redhat.com/support/errata/RHSA-2008-0181.html | View |
| 319947 | 30180 | CVE-2008-0063 | REDHAT:RHSA-2008:0182 | View |
| 319948 | 30180 | CVE-2008-0063 | URL:http://www.redhat.com/support/errata/RHSA-2008-0182.html | View |
| 319949 | 30180 | CVE-2008-0063 | SUSE:SUSE-SA:2008:016 | View |
| 319950 | 30180 | CVE-2008-0063 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html | View |
| 319951 | 30180 | CVE-2008-0063 | UBUNTU:USN-587-1 | View |
| 319952 | 30180 | CVE-2008-0063 | URL:http://www.ubuntu.com/usn/usn-587-1 | View |
| 319953 | 30180 | CVE-2008-0063 | BID:28303 | View |
| 319954 | 30180 | CVE-2008-0063 | URL:http://www.securityfocus.com/bid/28303 | View |
| 319955 | 30180 | CVE-2008-0063 | OVAL:oval:org.mitre.oval:def:8916 | View |
| 319956 | 30180 | CVE-2008-0063 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8916 | View |
| 319957 | 30180 | CVE-2008-0063 | VUPEN:ADV-2008-0922 | View |
| 319958 | 30180 | CVE-2008-0063 | URL:http://www.vupen.com/english/advisories/2008/0922/references | View |
| 319959 | 30180 | CVE-2008-0063 | VUPEN:ADV-2008-0924 | View |
| 319960 | 30180 | CVE-2008-0063 | URL:http://www.vupen.com/english/advisories/2008/0924/references | View |
| 319961 | 30180 | CVE-2008-0063 | VUPEN:ADV-2008-1102 | View |
| 319962 | 30180 | CVE-2008-0063 | URL:http://www.vupen.com/english/advisories/2008/1102/references | View |
| 319963 | 30180 | CVE-2008-0063 | VUPEN:ADV-2008-1744 | View |
| 319964 | 30180 | CVE-2008-0063 | URL:http://www.vupen.com/english/advisories/2008/1744 | View |
| 319965 | 30180 | CVE-2008-0063 | SECTRACK:1019627 | View |
| 319966 | 30180 | CVE-2008-0063 | URL:http://www.securitytracker.com/id?1019627 | View |
| 319967 | 30180 | CVE-2008-0063 | SECUNIA:29428 | View |
| 319968 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29428 | View |
| 319969 | 30180 | CVE-2008-0063 | SECUNIA:29438 | View |
| 319970 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29438 | View |
| 319971 | 30180 | CVE-2008-0063 | SECUNIA:29420 | View |
| 319972 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29420 | View |
| 319973 | 30180 | CVE-2008-0063 | SECUNIA:29435 | View |
| 319974 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29435 | View |
| 319975 | 30180 | CVE-2008-0063 | SECUNIA:29450 | View |
| 319976 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29450 | View |
| 319977 | 30180 | CVE-2008-0063 | SECUNIA:29451 | View |
| 319978 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29451 | View |
| 319979 | 30180 | CVE-2008-0063 | SECUNIA:29457 | View |
| 319980 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29457 | View |
| 319981 | 30180 | CVE-2008-0063 | SECUNIA:29464 | View |
| 319982 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29464 | View |
| 319983 | 30180 | CVE-2008-0063 | SECUNIA:29423 | View |
| 319984 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29423 | View |
| 319985 | 30180 | CVE-2008-0063 | SECUNIA:29462 | View |
| 319986 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29462 | View |
| 319987 | 30180 | CVE-2008-0063 | SECUNIA:29516 | View |
| 319988 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29516 | View |
| 319989 | 30180 | CVE-2008-0063 | SECUNIA:29663 | View |
| 319990 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29663 | View |
| 319991 | 30180 | CVE-2008-0063 | SECUNIA:29424 | View |
| 319992 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/29424 | View |
| 319993 | 30180 | CVE-2008-0063 | SECUNIA:30535 | View |
| 319994 | 30180 | CVE-2008-0063 | URL:http://secunia.com/advisories/30535 | View |
| 319995 | 30180 | CVE-2008-0063 | XF:krb5-kdc-kerberos4-info-disclosure(41277) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 40645 | JVNDB-2009-001651 | HP OpenView Network Node Manager (OV NNM) における複数のバッファオーバーフローの脆弱性 | HP OpenView Network Node Manager (OV NNM) には、スタック領域における複数のバッファオーバーフローの脆弱性が存在します。 | CVE-2008-0067 | 30180 | 10 | http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001651.html | View |
