CVE-2007-1216

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 06-04-2007 03:19

Last modified: - 19-10-2022 04:59

Total changes: - 3

Description

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:S/C:C/I:C/A:C

Low

Attack complexity

Network

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Privileges required

Scope

User interaction

9.0

Base score

8.0

10.0

Exploitability score

Impact score

Verification logic

Reference

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-003.txt
DSA-1276-Third Party Advisory
RHSA-2007:0095-Third Party Advisory
USN-449-1-Third Party Advisory
VU#419344-Third Party Advisory, US Government Resource
24706-Third Party Advisory
24736-Third Party Advisory
24757-Third Party Advisory
GLSA-200704-02-Third Party Advisory
20070401-01-P-Broken Link
SUSE-SA:2007:025-Broken Link
23282-Third Party Advisory, VDB Entry
1017852-Third Party Advisory, VDB Entry
24740-Third Party Advisory
24750-Third Party Advisory
24785-Third Party Advisory
24786-Third Party Advisory
24817-Third Party Advisory
24735-Third Party Advisory
http://docs.info.apple.com/article.html?artnum=305391
APPLE-SA-2007-04-19-Mailing List, Third Party Advisory
24966-Third Party Advisory
MDKSA-2007:077-Third Party Advisory
TA07-093B-Third Party Advisory, US Government Resource
TA07-109A-Third Party Advisory, US Government Resource
25388-Third Party Advisory
ADV-2007-1218-Third Party Advisory
ADV-2007-1916-Third Party Advisory
ADV-2007-1470-Third Party Advisory
HPSBUX02217-Broken Link
kerberos-kadmind-code-execution(33413)-Third Party Advisory, VDB Entry
oval:org.mitre.oval:def:11135-Broken Link, Third Party Advisory
20070405 FLEA-2007-0008-1: krb5-Third Party Advisory, VDB Entry
20070404 rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation-Third Party Advisory, VDB Entry
20070403 MITKRB5-SA-2007-003: double-free vulnerability in kadmind (via GSS-API library) [CVE-2007-1216]-Third Party Advisory, VDB Entry

Keywords

CVE-2007-1216

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2007-1216

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures