CVE - CVE-2007-5971

CVE-ID
CVE-2007-5971	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2008-03-18 URL:http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BID:26750 URL:http://www.securityfocus.com/bid/26750 BUGTRAQ:20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation URL:http://www.securityfocus.com/archive/1/489883/100/0/threaded CONFIRM:http://docs.info.apple.com/article.html?artnum=307562 CONFIRM:http://wiki.rpath.com/Advisories:rPSA-2008-0112 CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112 CONFIRM:https://issues.rpath.com/browse/RPL-2012 FEDORA:FEDORA-2008-2637 URL:https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html FEDORA:FEDORA-2008-2647 URL:https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html FULLDISC:20071208 MIT Kerberos 5: Multiple vulnerabilities URL:http://seclists.org/fulldisclosure/2007/Dec/0176.html FULLDISC:20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972] URL:http://seclists.org/fulldisclosure/2007/Dec/0321.html GENTOO:GLSA-200803-31 URL:http://security.gentoo.org/glsa/glsa-200803-31.xml MANDRIVA:MDVSA-2008:069 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:069~~ (Obsolete source) MANDRIVA:MDVSA-2008:070 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:070~~ (Obsolete source) MISC:http://bugs.gentoo.org/show_bug.cgi?id=199212 OSVDB:43345 URL:~~http://osvdb.org/43345~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:10296 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10296 REDHAT:RHSA-2008:0164 URL:http://www.redhat.com/support/errata/RHSA-2008-0164.html REDHAT:RHSA-2008:0180 URL:http://www.redhat.com/support/errata/RHSA-2008-0180.html SECUNIA:28636 URL:http://secunia.com/advisories/28636 SECUNIA:29420 URL:http://secunia.com/advisories/29420 SECUNIA:29450 URL:http://secunia.com/advisories/29450 SECUNIA:29451 URL:http://secunia.com/advisories/29451 SECUNIA:29457 URL:http://secunia.com/advisories/29457 SECUNIA:29462 URL:http://secunia.com/advisories/29462 SECUNIA:29464 URL:http://secunia.com/advisories/29464 SECUNIA:29516 URL:http://secunia.com/advisories/29516 SECUNIA:39290 URL:http://secunia.com/advisories/39290 SECUNIA:39784 URL:http://secunia.com/advisories/39784 SUSE:SUSE-SR:2008:002 URL:http://www.novell.com/linux/security/advisories/suse_security_summary_report.html UBUNTU:USN-924-1 URL:http://ubuntu.com/usn/usn-924-1 UBUNTU:USN-940-1 URL:http://www.ubuntu.com/usn/USN-940-1 VUPEN:ADV-2008-0924 URL:~~http://www.vupen.com/english/advisories/2008/0924/references~~ (Obsolete source) VUPEN:ADV-2010-1192 URL:~~http://www.vupen.com/english/advisories/2010/1192~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20071114	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071114)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)