Executive Summary

Informations
Name CVE-2007-1216 First vendor Publication 2007-04-05
Vendor Cve Last vendor Modification 2021-02-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-415 Double Free

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11135
 
Oval ID: oval:org.mitre.oval:def:11135
Title: Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
Description: Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
Family: unix Class: vulnerability
Reference(s): CVE-2007-1216
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18864
 
Oval ID: oval:org.mitre.oval:def:18864
Title: DSA-1276-1 krb5 - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1276-1
CVE-2007-0956
CVE-2007-0957
CVE-2007-1216
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): krb5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22677
 
Oval ID: oval:org.mitre.oval:def:22677
Title: ELSA-2007:0095: krb5 security update (Critical)
Description: Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
Family: unix Class: patch
Reference(s): ELSA-2007:0095-01
CVE-2007-0956
CVE-2007-0957
CVE-2007-1216
Version: 17
Platform(s): Oracle Linux 5
Product(s): krb5
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 35
Os 3
Os 2

OpenVAS Exploits

Date Description
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-05-05 Name : HP-UX Update for Kerberos HPSBUX02217
File : nvt/gb_hp_ux_HPSBUX02217.nasl
2009-04-09 Name : Mandriva Update for krb5 MDKSA-2007:077 (krb5)
File : nvt/gb_mandriva_MDKSA_2007_077.nasl
2009-04-09 Name : Mandriva Update for krb5 MDKSA-2007:077-1 (krb5)
File : nvt/gb_mandriva_MDKSA_2007_077_1.nasl
2009-03-23 Name : Ubuntu Update for krb5 vulnerabilities USN-449-1
File : nvt/gb_ubuntu_USN_449_1.nasl
2009-02-27 Name : Fedora Update for krb5 FEDORA-2007-0740
File : nvt/gb_fedora_2007_0740_krb5_fc7.nasl
2009-02-27 Name : Fedora Update for krb5 FEDORA-2007-2017
File : nvt/gb_fedora_2007_2017_krb5_fc7.nasl
2009-02-27 Name : Fedora Update for krb5 FEDORA-2007-2066
File : nvt/gb_fedora_2007_2066_krb5_fc7.nasl
2009-02-27 Name : Fedora Update for krb5 FEDORA-2007-408
File : nvt/gb_fedora_2007_408_krb5_fc6.nasl
2009-02-27 Name : Fedora Update for krb5 FEDORA-2007-409
File : nvt/gb_fedora_2007_409_krb5_fc5.nasl
2009-02-27 Name : Fedora Update for krb5 FEDORA-2007-620
File : nvt/gb_fedora_2007_620_krb5_fc5.nasl
2009-02-16 Name : Fedora Update for krb5 FEDORA-2008-2637
File : nvt/gb_fedora_2008_2637_krb5_fc7.nasl
2009-01-28 Name : SuSE Update for krb5 SUSE-SA:2007:025
File : nvt/gb_suse_2007_025.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200704-02 (mit-krb5)
File : nvt/glsa_200704_02.nasl
2008-01-17 Name : Debian Security Advisory DSA 1276-1 (krb5)
File : nvt/deb_1276_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
34105 MIT Kerberos 5 kadmind GSS-API Library Remote Key Database Manipulation

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0095.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_krb5-3046.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-449-1.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_krb5-3045.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_34991.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_36286.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_36361.nasl - Type : ACT_GATHER_INFO
2007-04-21 Name : The remote host is missing a Mac OS X update that fixes a security issue.
File : macosx_SecUpd2007-004.nasl - Type : ACT_GATHER_INFO
2007-04-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1276.nasl - Type : ACT_GATHER_INFO
2007-04-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0095.nasl - Type : ACT_GATHER_INFO
2007-04-05 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200704-02.nasl - Type : ACT_GATHER_INFO
2007-04-05 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-077.nasl - Type : ACT_GATHER_INFO
2007-04-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0095.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
APPLE http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
BID http://www.securityfocus.com/bid/23282
BUGTRAQ http://www.securityfocus.com/archive/1/464591/100/0/threaded
http://www.securityfocus.com/archive/1/464666/100/0/threaded
http://www.securityfocus.com/archive/1/464814/30/7170/threaded
CERT http://www.us-cert.gov/cas/techalerts/TA07-093B.html
http://www.us-cert.gov/cas/techalerts/TA07-109A.html
CERT-VN http://www.kb.cert.org/vuls/id/419344
CONFIRM http://docs.info.apple.com/article.html?artnum=305391
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-003.txt
DEBIAN http://www.debian.org/security/2007/dsa-1276
GENTOO http://security.gentoo.org/glsa/glsa-200704-02.xml
HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=...
MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:077
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2007-0095.html
SECTRACK http://www.securitytracker.com/id?1017852
SECUNIA http://secunia.com/advisories/24706
http://secunia.com/advisories/24735
http://secunia.com/advisories/24736
http://secunia.com/advisories/24740
http://secunia.com/advisories/24750
http://secunia.com/advisories/24757
http://secunia.com/advisories/24785
http://secunia.com/advisories/24786
http://secunia.com/advisories/24817
http://secunia.com/advisories/24966
http://secunia.com/advisories/25388
SGI ftp://patches.sgi.com/support/free/security/advisories/20070401-01-P.asc
SUSE http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html
UBUNTU http://www.ubuntu.com/usn/usn-449-1
VUPEN http://www.vupen.com/english/advisories/2007/1218
http://www.vupen.com/english/advisories/2007/1470
http://www.vupen.com/english/advisories/2007/1916
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/33413

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
Date Informations
2021-02-02 21:23:17
  • Multiple Updates
2020-05-23 01:37:54
  • Multiple Updates
2020-05-23 00:19:22
  • Multiple Updates
2018-10-16 21:19:51
  • Multiple Updates
2018-09-25 12:06:29
  • Multiple Updates
2017-10-11 09:23:52
  • Multiple Updates
2017-07-29 12:02:04
  • Multiple Updates
2016-04-26 15:49:34
  • Multiple Updates
2014-02-17 10:39:18
  • Multiple Updates
2013-05-11 10:20:03
  • Multiple Updates