CVE-2007-2443

Published: Jun 26, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

mailing-list

x_refsource_FULLDISC

ADV-2007-2732

vdb-entry

x_refsource_VUPEN

25894

third-party-advisory

x_refsource_SECUNIA

25801

third-party-advisory

x_refsource_SECUNIA

USN-477-1

vendor-advisory

x_refsource_UBUNTU

ADV-2007-3229

vdb-entry

x_refsource_VUPEN

20070629 TSLSA-2007-0021 - kerberos5

mailing-list

x_refsource_BUGTRAQ

25911

third-party-advisory

x_refsource_SECUNIA

25888

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:11277

vdb-entry

signature

x_refsource_OVAL

RHSA-2007:0384

vendor-advisory

x_refsource_REDHAT

https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html

x_refsource_CONFIRM

25890

third-party-advisory

x_refsource_SECUNIA

ADV-2007-2337

vdb-entry

x_refsource_VUPEN

kerberos-gssrpcsvcauthunix-bo(35085)

vdb-entry

x_refsource_XF

APPLE-SA-2007-07-31

vendor-advisory

x_refsource_APPLE

ADV-2007-2491

vdb-entry

x_refsource_VUPEN

26228

third-party-advisory

x_refsource_SECUNIA

ADV-2010-1574

vdb-entry

x_refsource_VUPEN

26033

third-party-advisory

x_refsource_SECUNIA

GLSA-200707-11

vendor-advisory

x_refsource_GENTOO

25800

third-party-advisory

x_refsource_SECUNIA

SSRT100107

vendor-advisory

x_refsource_HP

24657

vdb-entry

x_refsource_BID

1018293

vdb-entry

x_refsource_SECTRACK

VU#365313

third-party-advisory

x_refsource_CERT-VN

DSA-1323

vendor-advisory

x_refsource_DEBIAN

2007-0021

vendor-advisory

x_refsource_TRUSTIX

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt

x_refsource_CONFIRM

TA07-177A

third-party-advisory

x_refsource_CERT

SUSE-SA:2007:038

vendor-advisory

x_refsource_SUSE

25870

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:137

vendor-advisory

x_refsource_MANDRIVA

26909

third-party-advisory

x_refsource_SECUNIA

https://issues.rpath.com/browse/RPL-1499

x_refsource_CONFIRM

27706

third-party-advisory

x_refsource_SECUNIA

http://docs.info.apple.com/article.html?artnum=306172

x_refsource_CONFIRM

RHSA-2007:0562

vendor-advisory

x_refsource_REDHAT

HPSBUX02544

vendor-advisory

x_refsource_HP

http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt

x_refsource_CONFIRM

20070628 FLEA-2007-0029-1: krb5 krb5-workstation

mailing-list

x_refsource_BUGTRAQ

25159

vdb-entry

x_refsource_BID

36597

vdb-entry

x_refsource_OSVDB

20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities

mailing-list

x_refsource_BUGTRAQ

25814

third-party-advisory

x_refsource_SECUNIA

25821

third-party-advisory

x_refsource_SECUNIA

40346

third-party-advisory

x_refsource_SECUNIA

26235

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:7131

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-2443

Description

Affected Products

References