Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
Debian Bug report logs -
#454974
krb5: Venustech AD-LAB CVEs (not serious)
Package:
krb5;
Maintainer for krb5 is Sam Hartman <hartmans@debianorg>;
Reported by: Nico Golde <nion@debianorg>
Date: Sat, 8 Dec 2007 14:24:02 UTC
Severity: normal
Tags: fixed-upstream, upstream
Found in version 117-1
Fixed in version k ...
Sol Jerome discovered that the Kerberos kadmind service did not correctly
free memory An unauthenticated remote attacker could send specially
crafted traffic to crash the kadmind process, leading to a denial of
service (CVE-2010-0629) ...