Back to search
CVE-2007-0957
Published: Apr 6, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:10757
vdb-entry
signature
x_refsource_OVAL
ADV-2007-1218
vdb-entry
x_refsource_VUPEN
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-002-syslog.txt
x_refsource_CONFIRM
20070403 MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957]
mailing-list
x_refsource_BUGTRAQ
24966
third-party-advisory
x_refsource_SECUNIA
24706
third-party-advisory
x_refsource_SECUNIA
24798
third-party-advisory
x_refsource_SECUNIA
24740
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0095
vendor-advisory
x_refsource_REDHAT
ADV-2007-1983
vdb-entry
x_refsource_VUPEN
24786
third-party-advisory
x_refsource_SECUNIA
102930
vendor-advisory
x_refsource_SUNALERT
http://docs.info.apple.com/article.html?artnum=305391
x_refsource_CONFIRM
TA07-093B
third-party-advisory
x_refsource_CERT
20070405 FLEA-2007-0008-1: krb5
mailing-list
x_refsource_BUGTRAQ
DSA-1276
vendor-advisory
x_refsource_DEBIAN
24735
third-party-advisory
x_refsource_SECUNIA
23285
vdb-entry
x_refsource_BID
TA07-109A
third-party-advisory
x_refsource_CERT
24750
third-party-advisory
x_refsource_SECUNIA
ADV-2007-1250
vdb-entry
x_refsource_VUPEN
24817
third-party-advisory
x_refsource_SECUNIA
24757
third-party-advisory
x_refsource_SECUNIA
kerberos-krb5klogsyslog-bo(33411)
vdb-entry
x_refsource_XF
VU#704024
third-party-advisory
x_refsource_CERT-VN
1017849
vdb-entry
x_refsource_SECTRACK
SUSE-SA:2007:025
vendor-advisory
x_refsource_SUSE
24785
third-party-advisory
x_refsource_SECUNIA
25464
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:077
vendor-advisory
x_refsource_MANDRIVA
USN-449-1
vendor-advisory
x_refsource_UBUNTU
APPLE-SA-2007-04-19
vendor-advisory
x_refsource_APPLE
ADV-2007-1470
vdb-entry
x_refsource_VUPEN
24736
third-party-advisory
x_refsource_SECUNIA
20070404 rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation
mailing-list
x_refsource_BUGTRAQ
GLSA-200704-02
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now