CVE-2006-5989

Name of the Vulnerable Software and Affected Versions mod auth kerb version 5.0

Description The issue is caused by an off-by-one error in the der get oid function, which allows remote attackers to trigger a heap-based buffer overflow in the component array via a crafted Kerberos message, resulting in a denial of service (crash).

Recommendations For mod auth kerb version 5.0, consider applying a patch or fix that addresses the off-by-one error in the der get oid function to prevent the heap-based buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.