CVE-2007-1216

Name of the Vulnerable Software and Affected Versions: MIT krb5 versions prior to 1.6.1

Description: The issue is related to a double free vulnerability in the GSS-API library, specifically in the k5unseal.c file, which is used by the Kerberos administration daemon (kadmind) when the authentication method provided by the RPCSEC GSS RPC library is utilized. This vulnerability allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an invalid direction encoding.

Recommendations: For MIT krb5 versions prior to 1.6.1, update to version 1.6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the kadmind daemon until a patch is applied.