PT-2007-6899 · Mit · Mit Kerberos 5

Publicado

2007-12-06

Atualizado

2024-06-15

CVE-2007-5972

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions MIT Kerberos 5 (krb5) version 1.5

Description A double free vulnerability exists in the krb5 def store mkey function, which has unknown impact and can be exploited through remote authenticated attack vectors. The vulnerability is related to the storage of the krb5kdc master key, requiring the attacker to have privileges to store this key.

Recommendations For MIT Kerberos 5 (krb5) version 1.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2007-5972

OPENSUSE-SU-2024:10899-1

Produtos afetados

Mit Kerberos 5

PT-2007-6899 · Mit · Mit Kerberos 5

CVE-2007-5972

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 38