Unrated severityNVD Advisory· Published Nov 20, 2006· Updated Jun 16, 2026
CVE-2006-5989
CVE-2006-5989
Description
Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:mod_auth_kerb:mod_auth_kerb:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mod_auth_kerb:mod_auth_kerb:5.0:*:*:*:*:*:*:*
- (no CPE)range: 5.0
Patches
Vulnerability mechanics
References
15- secunia.com/advisories/23023nvd
- secunia.com/advisories/23251nvd
- secunia.com/advisories/23681nvd
- secunia.com/advisories/23820nvd
- security.gentoo.org/glsa/glsa-200701-14.xmlnvd
- securitytracker.com/idnvd
- www.debian.org/security/2007/dsa-1247nvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2006-0746.htmlnvd
- www.securityfocus.com/bid/21214nvd
- www.vupen.com/english/advisories/2006/4633nvd
- bugzilla.redhat.com/bugzilla/attachment.cginvd
- bugzilla.redhat.com/bugzilla/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30456nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10051nvd
News mentions
0No linked articles in our index yet.