Lucene search

K
cvelistMitreCVELIST:CVE-2007-5939
HistoryDec 06, 2007 - 3:00 p.m.

CVE-2007-5939

2007-12-0615:00:00
mitre
www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.4%

The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect.

6.5 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.4%