CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
Date published : 2008-03-19
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html