CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-5972

Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.4%

CVSS Severity

CVSS v2 Score 9.0

References

http://bugs.gentoo.org/show_bug.cgi?id=199211
http://osvdb.org/44747
http://seclists.org/fulldisclosure/2007/Dec/0176.html
http://seclists.org/fulldisclosure/2007/Dec/0321.html
http://secunia.com/advisories/28636
http://secunia.com/advisories/39290
http://secunia.com/advisories/39784
http://ubuntu.com/usn/usn-924-1
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
http://www.securityfocus.com/bid/26750
http://www.ubuntu.com/usn/USN-940-1
http://www.vupen.com/english/advisories/2010/1192
https://issues.rpath.com/browse/RPL-2012
http://bugs.gentoo.org/show_bug.cgi?id=199211
http://osvdb.org/44747
http://seclists.org/fulldisclosure/2007/Dec/0176.html
http://seclists.org/fulldisclosure/2007/Dec/0321.html
http://secunia.com/advisories/28636
http://secunia.com/advisories/39290
http://secunia.com/advisories/39784
http://ubuntu.com/usn/usn-924-1
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
http://www.securityfocus.com/bid/26750
http://www.ubuntu.com/usn/USN-940-1
http://www.vupen.com/english/advisories/2010/1192
https://issues.rpath.com/browse/RPL-2012

Products affected by CVE-2007-5972

Mit » Kerberos 5 » Version: 1.5

cpe:2.3:a:mit:kerberos_5:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-5972

Products

Pricing

Contact Us