CVE-2007-1216 (retired)

Priority
Description
Double free vulnerability in the GSS-API library
(lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon
(kadmind) in MIT krb5 before 1.6.1, when used with the authentication
method provided by the RPCSEC_GSS RPC library, allows remote authenticated
users to execute arbitrary code and modify the Kerberos key database via a
message with an "an invalid direction encoding".
Package
Source: krb5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:07:27 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)