CVE-2006-6143
EPSS 25.1%
Description
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
How to fix CVE-2006-6143
To remediate CVE-2006-6143, upgrade the affected package to the fixed version listed below.
- Debian/krb5: upgrade to 1.4.4-6 or later
Is CVE-2006-6143 being exploited?
Moderate: EPSS is 25.1%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (1)
- Debian/krb5: versions from 0 up to, but not including, 1.4.4-6