CVE-2007-5471 Common Vulnerabilities and Exposures

Upstream information

CVE-2007-5471 at MITRE

Description

libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or other invalid configuration.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	7.8
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:C
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Complete

SUSE Bugzilla entry: 290327 [RESOLVED / FIXED]

SUSE Security Advisories:

TID3665923, published Mo 24. Nov 17:13:25 CET 2014

SUSE Timeline for this CVE

CVE page created: Tue Jul 9 16:21:30 2013
CVE page last modified: Fri Oct 7 12:45:38 2022