CVE-2007-5972
Publication date 5 December 2007
Last updated 24 July 2024
Ubuntu priority
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.
Status
Package | Ubuntu Release | Status |
---|---|---|
krb5 | 10.04 LTS lucid |
Not affected
|
9.10 karmic |
Not affected
|
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid |
Not affected
|
|
8.04 LTS hardy |
Fixed 1.6.dfsg.3~beta1-2ubuntu1.4
|
|
7.10 gutsy | Ignored end of life, was needed | |
7.04 feisty | Ignored end of life, was needed | |
6.10 edgy | Ignored end of life, was needed | |
6.06 LTS dapper |
Fixed 1.4.3-5ubuntu0.11
|
Notes
Patch details
Package | Patch details |
---|---|
krb5 |