9

CVE-2007-2798

Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MitKerberos 5 Version <= 1.6.1
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
CanonicalUbuntu Linux Version7.04
DebianDebian Linux Version3.1
DebianDebian Linux Version4.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.52% 0.937
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9 8 10
AV:N/AC:L/Au:S/C:C/I:C/A:C
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Broken Link
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
Third Party Advisory
http://secunia.com/advisories/25894
Third Party Advisory
http://secunia.com/advisories/26909
Third Party Advisory
http://secunia.com/advisories/27706
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3229
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=306172
Broken Link
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/26235
Third Party Advisory
http://www.securityfocus.com/bid/25159
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/2732
Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Broken Link
http://secunia.com/advisories/25800
Third Party Advisory
http://secunia.com/advisories/25801
Third Party Advisory
http://secunia.com/advisories/25814
Third Party Advisory
http://secunia.com/advisories/25821
Third Party Advisory
http://secunia.com/advisories/25870
Third Party Advisory
http://secunia.com/advisories/25888
Third Party Advisory
http://secunia.com/advisories/25890
Third Party Advisory
http://secunia.com/advisories/25911
Third Party Advisory
http://secunia.com/advisories/26033
Third Party Advisory
http://secunia.com/advisories/26228
Third Party Advisory
http://secunia.com/advisories/40346
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200707-11.xml
Third Party Advisory
http://www.debian.org/security/2007/dsa-1323
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_38_krb5.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0384.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0562.html
Third Party Advisory
http://www.securityfocus.com/archive/1/472432/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/472507/30/5970/threaded
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0021/
Broken Link
http://www.ubuntu.com/usn/usn-477-1
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-177A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2007/2337
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2491
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1574
Third Party Advisory
https://issues.rpath.com/browse/RPL-1499
Broken Link
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=548
Broken Link
http://osvdb.org/36595
Broken Link
http://secunia.com/advisories/25875
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102985-1
Broken Link
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-005.txt
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/554257
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/472289/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/24653
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018295
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/2370
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35080
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1726
Third Party Advisory
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7550
Third Party Advisory
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9996
Third Party Advisory
https://secure-support.novell.com/KanisaPlatform/Publishing/327/3675615_f.SAL_Public.html
Broken Link