CVEs-PoC/2007/CVE-2007-2442.md

CVE-2007-2442

Description

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

POC

Reference

• http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
• http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
• http://www.kb.cert.org/vuls/id/356961

Github

• https://github.com/Minakshi1030/Network-Penetration-Testing-