CVE-2006-5989

Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.

Date published : 2006-11-20

http://www.securityfocus.com/bid/21214

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=136650