CVE-2007-0957

Properties

Published:
04.04.2007
Updated:
21.08.2010
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Product:
mit: kerberos

Vulnerability description

Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.

References:

CERT-VN: http://www.kb.cert.org/vuls/id/704024
CERT: http://www.us-cert.gov/cas/techalerts/TA07-109A.html
CERT: http://www.us-cert.gov/cas/techalerts/TA07-093B.html
UBUNTU: http://www.ubuntu.com/usn/usn-449-1
REDHAT: http://www.redhat.com/support/errata/RHSA-2007-0095.html
DEBIAN: http://www.debian.org/security/2007/dsa-1276
CONFIRM: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-002-syslog.txt
SECUNIA: http://secunia.com/advisories/24757
SECUNIA: http://secunia.com/advisories/24736
SECUNIA: http://secunia.com/advisories/24706
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/464814/30/7170/threaded
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10757
XF: http://xforce.iss.net/xforce/xfdb/33411
SECTRACK: http://www.securitytracker.com/id?1017849
BID: http://www.securityfocus.com/bid/23285
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/464666/100/0/threaded
BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/464592/100/0/threaded
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2007:077
VUPEN: http://www.frsirt.com/english/advisories/2007/1983
VUPEN: http://www.frsirt.com/english/advisories/2007/1470
VUPEN: http://www.frsirt.com/english/advisories/2007/1250
VUPEN: http://www.frsirt.com/english/advisories/2007/1218
SUNALERT: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102930-1
GENTOO: http://security.gentoo.org/glsa/glsa-200704-02.xml
SECUNIA: http://secunia.com/advisories/25464
SECUNIA: http://secunia.com/advisories/24966
SECUNIA: http://secunia.com/advisories/24817
SECUNIA: http://secunia.com/advisories/24798
SECUNIA: http://secunia.com/advisories/24786
SECUNIA: http://secunia.com/advisories/24785
SECUNIA: http://secunia.com/advisories/24750
SECUNIA: http://secunia.com/advisories/24740
SECUNIA: http://secunia.com/advisories/24735
SUSE: http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html
APPLE: http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
MANDRIVA: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:077
CONFIRM: http://docs.info.apple.com/article.html?artnum=305391
SGI: ftp://patches.sgi.com/support/free/security/advisories/20070401-01-P.asc