CVE-2007-5901 in Ubuntu

CVE-2007-5901

Priority

Description

Use-after-free vulnerability in the gss_indicate_mechs function in
lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown
impact and attack vectors. NOTE: this might be the result of a typo in the
source code.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
https://usn.ubuntu.com/usn/usn-924-1

Notes

kees	upstream did not publish a security update for this issue

Package

Source: krb5 (LP Ubuntu Debian)

Upstream:

released

Patches:

Upstream:

http://src.mit.edu/fisheye/browse/krb5/trunk/src/lib/gssapi/mechglue/g_initialize.c?r1=19831&r2=20178

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2020-03-18 21:57:28 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)