|Date: (C)2007-12-05 (M)2017-11-18|| |
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.
|CVSS Score: 9.0||Access Vector: NETWORK|
|Exploit Score: 8.0||Access Complexity: LOW|
|Impact Score: 10.0||Authentication: SINGLE_INSTANCE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|