8.3

CVE-2007-2443

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MitKerberos 5 Version <= 1.6.1
DebianDebian Linux Version3.1
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
CanonicalUbuntu Linux Version7.04
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.48% 0.876
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.3 6.5 10
AV:A/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Broken Link
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
Third Party Advisory
http://secunia.com/advisories/25894
Third Party Advisory
http://secunia.com/advisories/26909
Third Party Advisory
http://secunia.com/advisories/27706
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3229
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=306172
Broken Link
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/26235
Third Party Advisory
http://www.securityfocus.com/bid/25159
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/2732
Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Broken Link
http://secunia.com/advisories/25800
Third Party Advisory
http://secunia.com/advisories/25801
Third Party Advisory
http://secunia.com/advisories/25814
Third Party Advisory
http://secunia.com/advisories/25821
Third Party Advisory
http://secunia.com/advisories/25870
Third Party Advisory
http://secunia.com/advisories/25888
Third Party Advisory
http://secunia.com/advisories/25890
Third Party Advisory
http://secunia.com/advisories/25911
Third Party Advisory
http://secunia.com/advisories/26033
Third Party Advisory
http://secunia.com/advisories/26228
Third Party Advisory
http://secunia.com/advisories/40346
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200707-11.xml
Third Party Advisory
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
Patch
Vendor Advisory
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
Patch
Vendor Advisory
http://www.debian.org/security/2007/dsa-1323
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_38_krb5.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0384.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0562.html
Third Party Advisory
http://www.securityfocus.com/archive/1/472288/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/472432/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/472507/30/5970/threaded
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018293
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0021/
Broken Link
http://www.ubuntu.com/usn/usn-477-1
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-177A.html
Patch
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2007/2337
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2491
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1574
Third Party Advisory
https://issues.rpath.com/browse/RPL-1499
Broken Link
https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
Broken Link
http://osvdb.org/36597
Broken Link
http://www.kb.cert.org/vuls/id/365313
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/24657
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/35085
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277
Third Party Advisory
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131
Third Party Advisory
Broken Link