MIT Kerberos kadmind RPC library gssrpc__svcauth_unix() integer conversion error

🗓️ 26 Jun 2007 00:00:00Reported by CERTType

cert

cert🔗 www.kb.cert.org👁 43 Views

MIT Kerberos kadmind has an integer conversion error allowing remote code execution or denial of service.

Reporter	Title	Published	Views	Family All 81
Tenable Nessus	CentOS 3 : krb5 (CESA-2007:0384)	27 Jun 200700:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : krb5 (CESA-2007:0562)	27 Jun 200700:00	–	nessus
Tenable Nessus	Debian DSA-1323-1 : krb5 - several vulnerabilities	1 Jul 200700:00	–	nessus
Tenable Nessus	Fedora 7 : krb5-1.6.1-2.1.fc7 (2007-0740)	6 Nov 200700:00	–	nessus
Tenable Nessus	GLSA-200707-11 : MIT Kerberos 5: Arbitrary remote code execution	27 Jul 200700:00	–	nessus
Tenable Nessus	HP-UX PHSS_41166 : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02544 SSRT100107 rev.1)	28 Jun 201000:00	–	nessus
Tenable Nessus	HP-UX PHSS_41167 : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02544 SSRT100107 rev.1)	28 Jun 201000:00	–	nessus
Tenable Nessus	HP-UX PHSS_41168 : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code (HPSBUX02544 SSRT100107 rev.1)	28 Jun 201000:00	–	nessus
Tenable Nessus	Mac OS X Multiple Vulnerabilities (Security Update 2007-007)	2 Aug 200700:00	–	nessus
Tenable Nessus	Mandrake Linux Security Advisory : krb5 (MDKSA-2007:137)	27 Jun 200700:00	–	nessus

Source	Link
web	www.web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
ubuntu	www.ubuntu.com/usn/usn-477-1
mandriva	www.mandriva.com/security/advisories
secunia	www.secunia.com/advisories/25800/
secunia	www.secunia.com/advisories/26033/
docs	www.docs.info.apple.com/article.html

08 Aug 2007 16:52Current

10High risk

Vulners AI Score10

CVSS 28.3

EPSS0.32345

mit kerberos kadmind integer conversion error remote code execution denial of service vulnerability