[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-2798

Date: (C)2007-06-26   (M)2017-10-12
 
CVSS Score: 7.4Access Vector: ADJACENT_NETWORK
Exploitability Subscore: 4.4Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: SINGLE_INSTANCE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.

Reference:
SECTRACK-1018295
SUNALERT-102985
20070602-01-P
http://www.securityfocus.com/archive/1/archive/1/472289/100/0/threaded
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=548
http://www.securityfocus.com/archive/1/archive/1/472432/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/472507/30/5970/threaded
BID-24653
BID-25159
SECUNIA-25800
SECUNIA-25801
SECUNIA-25814
SECUNIA-25821
SECUNIA-25870
SECUNIA-25875
SECUNIA-25888
SECUNIA-25890
SECUNIA-25894
SECUNIA-25911
SECUNIA-26033
SECUNIA-26228
SECUNIA-26235
SECUNIA-26909
SECUNIA-27706
OSVDB-36595
SECUNIA-40346
ADV-2007-2337
ADV-2007-2370
ADV-2007-2491
ADV-2007-2732
ADV-2007-3229
ADV-2010-1574
APPLE-SA-2007-07-31
DSA-1323
GLSA-200707-11
HPSBUX02544
MDKSA-2007:137
RHSA-2007:0384
RHSA-2007:0562
SUSE-SA:2007:038
TA07-177A
USN-477-1
VU#554257
http://docs.info.apple.com/article.html?artnum=306172
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-005.txt
https://issues.rpath.com/browse/RPL-1499
kerberos-renameprincipal2svc-bo(35080)

CPE    30
cpe:/a:mit:kerberos:5-1.2.2
cpe:/a:mit:kerberos:5-1.2.1
cpe:/a:mit:kerberos:5-1.2
cpe:/a:mit:kerberos:5-1.2.4
...
CWE    1
CWE-119

© 2013 SecPod Technologies