CyberSec.Space Logo
Back to CVE Browser

CVE-2007-5471

HIGH
7.8
CVSS Severity Score
EPSS Score0.1260%
EPSS Percentile3.33th
PublishedOct 16, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or other invalid configuration.

Affected Platforms (CPE)

πŸ’»
Suse

Suse Linux

= 10

References & Advisories

πŸ”— http://osvdb.org/40935
πŸ”— http://secunia.com/advisories/27189
πŸ”— http://www.securityfocus.com/bid/26076
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/37233
πŸ”— https://secure-support.novell.com/KanisaPlatform/Publishing/936/3665923_f.SAL_Public.html
πŸ”— http://osvdb.org/40935
πŸ”— http://secunia.com/advisories/27189
πŸ”— http://www.securityfocus.com/bid/26076

Related Vulnerabilities

CVE-2000-080010.0

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attack...

CVE-2000-104410.0

Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain ...

CVE-2000-023310.0

SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.

CVE-2004-200410.0

The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain pr...