Max CVSS 10.0 Min CVSS 6.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-5894 9.3
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misi
07-08-2024 - 16:15 06-12-2007 - 02:46
CVE-2007-5972 9.0
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master ke
21-01-2020 - 15:45 06-12-2007 - 02:46
CVE-2007-5902 10.0
Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.
21-01-2020 - 15:44 06-12-2007 - 02:46
CVE-2007-5971 6.9
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Information from Apple: http://docs.info.apple.com/article.html?artnum=307562
15-10-2018 - 21:48 06-12-2007 - 02:46
CVE-2007-5901 6.9
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Information from Apple
29-09-2017 - 01:29 06-12-2007 - 02:46
Back to Top Mark selected
Back to Top