VYPR
Unrated severityNVD Advisory· Published Dec 6, 2007· Updated Jun 16, 2026

CVE-2007-5939

CVE-2007-5939

Description

The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Heimdal/Heimdal2 versions
    cpe:2.3:a:heimdal:heimdal:0.7.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:heimdal:heimdal:0.7.2:*:*:*:*:*:*:*
    • (no CPE)range: =0.7.2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.