1. CVE-Search
  2. CVE-2007-1216
ID CVE-2007-1216
Summary Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
References
Vulnerable Configurations
  • MIT Kerberos 5 1.6
    cpe:2.3:a:mit:kerberos:5-1.6
CVSS
Base: 8.5 (as of 09-04-2007 - 12:56)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KRB5-3046.NASL
    description A bug in the function krb5_klog_syslog() leads to a buffer overflow which could be exploited to execute arbitrary code. (CVE-2007-0957) A double-free bug in the GSS-API library could crash kadmind. It's potentially also exploitable to execute arbitrary code. (CVE-2007-1216)
    last seen 2019-02-21
    modified 2013-03-30
    plugin id 29492
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29492
    title SuSE 10 Security Update : Kerberos 5 (ZYPP Patch Number 3046)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_KRB5-3045.NASL
    description A bug in the function krb5_klog_syslog() leads to a buffer overflow which could be exploited to execute arbitrary code (CVE-2007-0957). A double-free bug in the GSS-API library could crash kadmind. It's potentially also exploitable to execute arbitrary code (CVE-2007-1216).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27308
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27308
    title openSUSE 10 Security Update : krb5 (krb5-3045)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2007-004.NASL
    description The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2007-004 applied. This update fixes security flaws in the following applications : AFP Client AirPort CarbonCore diskdev_cmds fetchmail ftpd gnutar Help Viewer HID Family Installer Kerberos Libinfo Login Window network_cmds SMB System Configuration URLMount Video Conference WebDAV
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 25081
    published 2007-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25081
    title Mac OS X Multiple Vulnerabilities (Security Update 2007-004)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_36286.NASL
    description s700_800 11.11 KRB5-Client Version 1.0 cumulative patch : A potential security vulnerability has been identified on HP-UX running Kerberos. The vulnerability could be exploited by remote authorized users to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26152
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26152
    title HP-UX PHSS_36286 : HP-UX running Kerberos, Remote Arbitrary Code Execution (HPSBUX02217 SSRT071337 rev.2)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200704-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-200704-02 (MIT Kerberos 5: Arbitrary remote code execution) The Kerberos telnet daemon fails to properly handle usernames allowing unauthorized access to any account (CVE-2007-0956). The Kerberos administration daemon, the KDC and possibly other applications using the MIT Kerberos libraries are vulnerable to the following issues. The krb5_klog_syslog function from the kadm5 library fails to properly validate input leading to a stack overflow (CVE-2007-0957). The GSS-API library is vulnerable to a double-free attack (CVE-2007-1216). Impact : By exploiting the telnet vulnerability a remote attacker may obtain access with root privileges. The remaining vulnerabilities may allow an authenticated remote attacker to execute arbitrary code with root privileges. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 24935
    published 2007-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24935
    title GLSA-200704-02 : MIT Kerberos 5: Arbitrary remote code execution
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0095.NASL
    description From Red Hat Security Advisory 2007:0095 : Updated krb5 packages that fix a number of issues are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the username handling of the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could log in as root without requiring a password. (CVE-2007-0956) Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package. For users who have enabled the krb5 telnet daemon and have it accessible remotely, this update should be applied immediately. Whilst we are not aware at this time that the flaw is being actively exploited, we have confirmed that the flaw is very easily exploitable. This update also fixes two additional security issues : Buffer overflows were found which affect the Kerberos KDC and the kadmin server daemon. A remote attacker who can access the KDC could exploit this bug to run arbitrary code with the privileges of the KDC or kadmin server processes. (CVE-2007-0957) A double-free flaw was found in the GSSAPI library used by the kadmin server daemon. Red Hat Enterprise Linux 4 and 5 contain checks within glibc that detect double-free flaws. Therefore, on Red Hat Enterprise Linux 4 and 5 successful exploitation of this issue can only lead to a denial of service. Applications which use this library in earlier releases of Red Hat Enterprise Linux may also be affected. (CVE-2007-1216) All users are advised to update to these erratum packages which contain a backported fix to correct these issues. Red Hat would like to thank MIT and iDefense for reporting these vulnerabilities.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67458
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67458
    title Oracle Linux 3 / 4 / 5 : krb5 (ELSA-2007-0095)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0095.NASL
    description Updated krb5 packages that fix a number of issues are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the username handling of the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could log in as root without requiring a password. (CVE-2007-0956) Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package. For users who have enabled the krb5 telnet daemon and have it accessible remotely, this update should be applied immediately. Whilst we are not aware at this time that the flaw is being actively exploited, we have confirmed that the flaw is very easily exploitable. This update also fixes two additional security issues : Buffer overflows were found which affect the Kerberos KDC and the kadmin server daemon. A remote attacker who can access the KDC could exploit this bug to run arbitrary code with the privileges of the KDC or kadmin server processes. (CVE-2007-0957) A double-free flaw was found in the GSSAPI library used by the kadmin server daemon. Red Hat Enterprise Linux 4 and 5 contain checks within glibc that detect double-free flaws. Therefore, on Red Hat Enterprise Linux 4 and 5 successful exploitation of this issue can only lead to a denial of service. Applications which use this library in earlier releases of Red Hat Enterprise Linux may also be affected. (CVE-2007-1216) All users are advised to update to these erratum packages which contain a backported fix to correct these issues. Red Hat would like to thank MIT and iDefense for reporting these vulnerabilities.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 24948
    published 2007-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24948
    title RHEL 2.1 / 3 / 4 / 5 : krb5 (RHSA-2007:0095)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_36361.NASL
    description s700_800 11.31 KRB5-Client Version 1.3.5.03 Cumulative patch : A potential security vulnerability has been identified on HP-UX running Kerberos. The vulnerability could be exploited by remote authorized users to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26153
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26153
    title HP-UX PHSS_36361 : HP-UX running Kerberos, Remote Arbitrary Code Execution (HPSBUX02217 SSRT071337 rev.2)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1276.NASL
    description Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0956 It was discovered that the krb5 telnet daemon performs insufficient validation of usernames, which might allow unauthorized logins or privilege escalation. - CVE-2007-0957 iDefense discovered that a buffer overflow in the logging code of the KDC and the administration daemon might lead to arbitrary code execution. - CVE-2007-1216 It was discovered that a double free in the RPCSEC_GSS part of the GSS library code might lead to arbitrary code execution.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25010
    published 2007-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25010
    title Debian DSA-1276-1 : krb5 - several vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-449-1.NASL
    description The krb5 telnet service did not appropriately verify user names. A remote attacker could log in as the root user by requesting a specially crafted user name. (CVE-2007-0956) The krb5 syslog library did not correctly verify the size of log messages. A remote attacker could send a specially crafted message and execute arbitrary code with root privileges. (CVE-2007-0957) The krb5 administration service was vulnerable to a double-free in the GSS RPC library. A remote attacker could send a specially crafted request and execute arbitrary code with root privileges. (CVE-2007-1216). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28046
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28046
    title Ubuntu 5.10 / 6.06 LTS / 6.10 : krb5 vulnerabilities (USN-449-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-077.NASL
    description A vulnerability was found in the username handling of the MIT krb5 telnet daemon. A remote attacker that could access the telnet port of a target machine could login as root without requiring a password (CVE-2007-0956). Buffer overflows in the kadmin server daemon were discovered that could be exploited by a remote attacker able to access the KDC. Successful exploitation could allow for the execution of arbitrary code with the privileges of the KDC or kadmin server processes (CVE-2007-0957). Finally, a double-free flaw was discovered in the GSSAPI library used by the kadmin server daemon, which could lead to a denial of service condition or the execution of arbitrary code with the privileges of the KDC or kadmin server processes (CVE-2007-1216). Updated packages have been patched to address this issue. Update : Packages for Mandriva Linux 2007.1 are now available.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 24943
    published 2007-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24943
    title Mandrake Linux Security Advisory : krb5 (MDKSA-2007:077-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0095.NASL
    description Updated krb5 packages that fix a number of issues are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. A flaw was found in the username handling of the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could log in as root without requiring a password. (CVE-2007-0956) Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package. For users who have enabled the krb5 telnet daemon and have it accessible remotely, this update should be applied immediately. Whilst we are not aware at this time that the flaw is being actively exploited, we have confirmed that the flaw is very easily exploitable. This update also fixes two additional security issues : Buffer overflows were found which affect the Kerberos KDC and the kadmin server daemon. A remote attacker who can access the KDC could exploit this bug to run arbitrary code with the privileges of the KDC or kadmin server processes. (CVE-2007-0957) A double-free flaw was found in the GSSAPI library used by the kadmin server daemon. Red Hat Enterprise Linux 4 and 5 contain checks within glibc that detect double-free flaws. Therefore, on Red Hat Enterprise Linux 4 and 5 successful exploitation of this issue can only lead to a denial of service. Applications which use this library in earlier releases of Red Hat Enterprise Linux may also be affected. (CVE-2007-1216) All users are advised to update to these erratum packages which contain a backported fix to correct these issues. Red Hat would like to thank MIT and iDefense for reporting these vulnerabilities.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 24919
    published 2007-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24919
    title CentOS 3 / 4 : krb5 (CESA-2007:0095)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_34991.NASL
    description s700_800 11.23 KRB5-Client Version 1.0 Cumulative patch : A potential security vulnerability has been identified on HP-UX running Kerberos. The vulnerability could be exploited by remote authorized users to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26144
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26144
    title HP-UX PHSS_34991 : HP-UX running Kerberos, Remote Arbitrary Code Execution (HPSBUX02217 SSRT071337 rev.2)
oval via4
accepted 2013-04-29T04:11:45.539-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
family unix
id oval:org.mitre.oval:def:11135
status accepted
submitted 2010-07-09T03:56:16-04:00
title Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
version 24
redhat via4
advisories
bugzilla
id 231537
title CVE-2007-1216 krb5 double free flaw
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • OR
      • AND
        • comment krb5-devel is earlier than 0:1.2.7-61
          oval oval:com.redhat.rhsa:tst:20070095006
        • comment krb5-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095007
      • AND
        • comment krb5-libs is earlier than 0:1.2.7-61
          oval oval:com.redhat.rhsa:tst:20070095002
        • comment krb5-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095003
      • AND
        • comment krb5-server is earlier than 0:1.2.7-61
          oval oval:com.redhat.rhsa:tst:20070095008
        • comment krb5-server is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095009
      • AND
        • comment krb5-workstation is earlier than 0:1.2.7-61
          oval oval:com.redhat.rhsa:tst:20070095004
        • comment krb5-workstation is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095005
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment krb5-devel is earlier than 0:1.3.4-46
          oval oval:com.redhat.rhsa:tst:20070095011
        • comment krb5-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095007
      • AND
        • comment krb5-libs is earlier than 0:1.3.4-46
          oval oval:com.redhat.rhsa:tst:20070095012
        • comment krb5-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095003
      • AND
        • comment krb5-server is earlier than 0:1.3.4-46
          oval oval:com.redhat.rhsa:tst:20070095014
        • comment krb5-server is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095009
      • AND
        • comment krb5-workstation is earlier than 0:1.3.4-46
          oval oval:com.redhat.rhsa:tst:20070095013
        • comment krb5-workstation is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070095005
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment krb5-devel is earlier than 0:1.5-23
          oval oval:com.redhat.rhsa:tst:20070095020
        • comment krb5-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070095021
      • AND
        • comment krb5-libs is earlier than 0:1.5-23
          oval oval:com.redhat.rhsa:tst:20070095018
        • comment krb5-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070095019
      • AND
        • comment krb5-server is earlier than 0:1.5-23
          oval oval:com.redhat.rhsa:tst:20070095022
        • comment krb5-server is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070095023
      • AND
        • comment krb5-workstation is earlier than 0:1.5-23
          oval oval:com.redhat.rhsa:tst:20070095016
        • comment krb5-workstation is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070095017
rhsa
id RHSA-2007:0095
released 2007-04-03
severity Critical
title RHSA-2007:0095: krb5 security update (Critical)
rpms
  • krb5-devel-0:1.2.7-61
  • krb5-libs-0:1.2.7-61
  • krb5-server-0:1.2.7-61
  • krb5-workstation-0:1.2.7-61
  • krb5-devel-0:1.3.4-46
  • krb5-libs-0:1.3.4-46
  • krb5-server-0:1.3.4-46
  • krb5-workstation-0:1.3.4-46
  • krb5-devel-0:1.5-23
  • krb5-libs-0:1.5-23
  • krb5-server-0:1.5-23
  • krb5-workstation-0:1.5-23
refmap via4
apple APPLE-SA-2007-04-19
bid 23282
bugtraq
  • 20070403 MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216]
  • 20070404 rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation
  • 20070405 FLEA-2007-0008-1: krb5
cert
  • TA07-093B
  • TA07-109A
cert-vn VU#419344
confirm
debian DSA-1276
gentoo GLSA-200704-02
hp
  • HPSBUX02217
  • SSRT071337
mandriva MDKSA-2007:077
sectrack 1017852
secunia
  • 24706
  • 24735
  • 24736
  • 24740
  • 24750
  • 24757
  • 24785
  • 24786
  • 24817
  • 24966
  • 25388
sgi 20070401-01-P
suse SUSE-SA:2007:025
ubuntu USN-449-1
vupen
  • ADV-2007-1218
  • ADV-2007-1470
  • ADV-2007-1916
xf kerberos-kadmind-code-execution(33413)
Last major update 07-03-2011 - 21:51
Published 05-04-2007 - 21:19
Last modified 16-10-2018 - 12:37
Back to Top