CVE Database

CVE-2007-2442

Impact: Important
Public: 2007-06-26
Bugzilla: 245547: CVE-2007-2442 krb5 RPC library uninitialized pointer free

Details

The MITRE CVE dictionary describes this issue as:

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

Find out more about CVE-2007-2442 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux version 2.1 (krb5) | RHSA-2007:0384 | June 26, 2007 |
| Red Hat Enterprise Linux version 3 (krb5) | RHSA-2007:0384 | June 26, 2007 |
| Red Hat Enterprise Linux version 4 (krb5) | RHSA-2007:0562 | June 26, 2007 |
| Red Hat Enterprise Linux version 5 (krb5) | RHSA-2007:0562 | June 26, 2007 |

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.