[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-4000Date: (C)2007-09-05   (M)2024-02-16


The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.5
Exploit Score: 6.8
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1018647
http://www.securityfocus.com/archive/1/478794/100/0/threaded
BID-25533
SECUNIA-26676
SECUNIA-26680
SECUNIA-26700
SECUNIA-26728
SECUNIA-26783
SECUNIA-26987
SREASON-3092
ADV-2007-3051
FEDORA-2007-2017
GLSA-200709-01
MDKSA-2007:174
RHSA-2007:0858
SUSE-SR:2007:019
VU#377544
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt
https://bugzilla.redhat.com/show_bug.cgi?id=250976
https://issues.rpath.com/browse/RPL-1696
kerberos-modifypolicy-code-execution(36438)
oval:org.mitre.oval:def:9278

CWE    1
CWE-824

© SecPod Technologies