CVE-2007-5471 Information

Description

libgssapi before 0.6-13.7 as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1 terminates upon an initialization error which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or other invalid configuration.

Reference

http://osvdb.org/40935 http://secunia.com/advisories/27189 http://www.securityfocus.com/bid/26076 https://exchange.xforce.ibmcloud.com/vulnerabilities/37233 https://secure-support.novell.com/KanisaPlatform/Publishing/936/3665923_f.SAL_Public.html