cve/2007/CVE-2007-2442.md

### [CVE-2007-2442](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

### POC

#### Reference
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
- http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
- http://www.kb.cert.org/vuls/id/356961

#### Github
No PoCs found on GitHub currently.