Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2007-5939

The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect.

  • Published: Dec 6, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-5939
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
heimdal / heimdal 0.7.2 0.7.2.x