Heimdal : Security Vulnerabilities, CVEs, (Overflow)
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect.
Max CVSS
10.0
EPSS Score
1.64%
Published
2007-12-06
Updated
2008-11-15
1 vulnerabilities found