CVE-2007-5972

Published: 06/12/2007 Updated: 21/01/2020
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.

Vulnerable Product

mit kerberos 5 1.5

Vendor Advisories

Debian Bug report logs - #454974: krb5: Venustech AD-LAB CVEs (not serious). Package: krb5; Maintainer for krb5 is Sam Hartman <hartmans@debian.org>; Reported by: Nico Golde <nion@debian.org>; Date: Sat, 8 Dec 2007 14:24:02 UTC; Severity: normal; Tags: fixed-upstream, upstream; Found in version 117-1; Fixed in version k ...
Unauthenticated remote attackers could cause Kerberos servers to crash, leading to a denial of service ...
Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service (CVE-2010-0629) ...