CVE-2007-2442

Priority
Description
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5
(krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary
code via a zero-length RPC credential, which causes kadmind to free an
uninitialized pointer during cleanup.
Notes
Package
Source: krb5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2020-09-10 00:05:45 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)