Back to search
CVE-2007-5972
Published: Dec 6, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
39784
third-party-advisory
x_refsource_SECUNIA
USN-940-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SR:2008:002
vendor-advisory
x_refsource_SUSE
26750
vdb-entry
x_refsource_BID
20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]
mailing-list
x_refsource_FULLDISC
ADV-2010-1192
vdb-entry
x_refsource_VUPEN
44747
vdb-entry
x_refsource_OSVDB
20071208 MIT Kerberos 5: Multiple vulnerabilities
mailing-list
x_refsource_FULLDISC
39290
third-party-advisory
x_refsource_SECUNIA
USN-924-1
vendor-advisory
x_refsource_UBUNTU
28636
third-party-advisory
x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=199211
x_refsource_MISC
https://issues.rpath.com/browse/RPL-2012
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now