PT-2007-6837 · Mit+1 · Mit Kerberos 5+1
Published
2007-12-06
·
Updated
2017-09-29
·
CVE-2007-5901
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
MIT Kerberos 5 (krb5) (affected versions not specified)
Description
A use-after-free issue exists in the
gss indicate mechs function, located in lib/gssapi/mechglue/g initialize.c. The impact and attack vectors of this issue are unknown. It is speculated that this might be due to a typo in the source code.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mit Kerberos 5
Red Hat