Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-1216

Опубликовано: 06 апр. 2007
Источник: nvd
CVSS2: 9
EPSS Низкий

Описание

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
Версия до 1.6.1 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 93%
0.09651
Низкий

9 Critical

CVSS2

Дефекты

CWE-415

Связанные уязвимости

ubuntu логотип

CVE-2007-1216

ubuntu
около 18 лет назад

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".

redhat логотип

CVE-2007-1216

redhat
около 18 лет назад

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".

debian логотип

CVE-2007-1216

debian
около 18 лет назад

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5un ...

github логотип

GHSA-5j9h-62w2-p327

github
около 3 лет назад

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".

oracle-oval логотип

ELSA-2007-0095

oracle-oval
около 18 лет назад

ELSA-2007-0095: Critical: krb5 security update (CRITICAL)

EPSS

Процентиль: 93%
0.09651
Низкий

9 Critical

CVSS2

Дефекты

CWE-415