A modified, unauthenticated server can send an
unterminated string during the establishment of Kerberos
transport encryption. When a libpq client application
has a Kerberos credential cache and does not explicitly
disable the gssencmode option, a server can cause libpq to
over-read and report an error message containing
uninitialized bytes from and following its receive
buffer. If libpq's caller somehow makes that message
accessible to the attacker, this achieves a disclosure
of the over-read bytes. We have not confirmed or ruled
out the viability of attacks that arrange for a crash or
for the presence of notable, confidential information in
the disclosed bytes.
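
The over-read described above happens when a peer-supplied string is assumed to be NUL-terminated. The following is an added illustration, not libpq's code and not the project's fix; the helper `copy_peer_error` and the sample buffer are hypothetical. It copies an error string out of a receive buffer while searching for the terminator only within the bytes actually received:

```c
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper (not libpq code): copy a peer-supplied error string
 * out of a receive buffer that holds exactly `received` valid bytes.
 * Returns 0 if the peer terminated the string, 1 if the terminator was
 * missing and the text was cut at the end of the received data,
 * -1 on invalid arguments.
 */
int copy_peer_error(const char *recv_buf, size_t received,
                    char *out, size_t out_size)
{
    if (recv_buf == NULL || out == NULL || out_size == 0)
        return -1;

    /* Look for the NUL only inside the received bytes, never beyond them. */
    const char *nul = memchr(recv_buf, '\0', received);
    size_t len = nul ? (size_t)(nul - recv_buf) : received;
    int unterminated = (nul == NULL);

    /* Truncate to the destination and always terminate it ourselves. */
    if (len >= out_size)
        len = out_size - 1;
    memcpy(out, recv_buf, len);
    out[len] = '\0';
    return unterminated;
}

int main(void)
{
    /* Constructed sample: the peer sent 5 bytes with no terminator;
     * the 'S' bytes stand in for stale memory after the received data. */
    char buf[16];
    char msg[32];

    memset(buf, 'S', sizeof(buf));
    memcpy(buf, "denie", 5);

    int rc = copy_peer_error(buf, 5, msg, sizeof(msg));
    printf("rc=%d msg=\"%s\"\n", rc, msg);
    return 0;
}
```

A caller can treat a return value of 1 as a protocol violation and drop the connection instead of surfacing the text.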