NVD

Id
57964  
Name
CVE-2007-5939  
Description
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-12-06  
Modified Date
2008-11-15  
Seq
2007-5939  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
296775 57964 CVE-2007-5939 http://bugs.gentoo.org/show_bug.cgi?id=199207  View
296776 57964 CVE-2007-5939 20071207 Heimdal ftpd uninitialized vulnerability  View
296777 57964 CVE-2007-5939 1019057  View
296778 57964 CVE-2007-5939 MDKSA-2007:239  View
296779 57964 CVE-2007-5939 26758  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
55933 JVNDB-2007-004625 Heimdal の gss_userok 関数における脆弱性 Heimdal の appl/ftp/ftpd/gss_userok.c の gss_userok 関数は、解放コールする前に ticketfile ポインタにメモリを割り当てないため、不特定の影響を受ける脆弱性が存在します。 CVE-2007-5939 29294 CVE-2007-5939 57964 10 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-004625.html 2007-12-06 2012-09-25 View