CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS
Percentile
99.7%
The Kerberos administration daemon contains a buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service.
A vulnerability exists in the way the krb5_klog_syslog()
function used by the Kerberos administration daemon handles specially crafted strings. This vulnerability may cause a buffer overflow that could allow a remote, authenticated user to execute arbitrary code. According to MIT krb5 Security Advisory MITKRB5-SA-2007-002:
krb5_klog_syslog() uses vsprintf() to format text into a fixed-length stack buffer. Format specifiers such as “%s” used in calls to krb5_klog_syslog() may allow formatting of strings of sufficient length to overwrite memory past the end of the stack buffer_._
_Certain strings received from the client by the kadmin daemon are not truncated prior to logging. Among these strings is the target principal for the kadmin operation.
The KDC truncates most client-originated strings prior to logging. One sort of string which is not truncated is a transited-realms string. A malicious KDC sharing a key with the target realm may issue tickets with specially-crafted transited-realms strings to exploit this vulnerability. There are other places where an authenticated user may cause the KDC to log a string which triggers the vulnerability._
Note that this issue affects all releases of MIT krb5 up to and including krb5-1.6. Other server applications that call the krb5_klog_syslog()
function provided with MIT krb5 may also be affected.
This vulnerability can be triggered by sending a specially crafted Kerberos message to a vulnerable system.
A remote, authenticated user may be able to execute arbitrary code on an affected system or cause the affected program to crash, resulting in a denial of service. Secondary impacts of code execution include complete compromise of the Kerberos key database.
Apply Patch
A patch can be obtained from MIT krb5 Security Advisory MITKRB5-SA-2007-002. MIT also states that this will be addressed in the upcoming krb5-1.6.1 release.
704024
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: April 04, 2007 Updated: April 20, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Apple Security Update 2007-004.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Updated: April 03, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to MITKRB5-SA-2007-002.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Notified: April 04, 2007 Updated: April 05, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to MDKSA-2007:077.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Notified: April 04, 2007 Updated: April 05, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Novell Security Advisory 3618705.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Updated: April 02, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to RHSA-2007-0095.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Notified: April 04, 2007 Updated: April 05, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to SUSE-SA:2007:025.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Notified: April 04, 2007 Updated: April 06, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Trustix Secure Linux Security Advisory #2007-0012.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Updated: April 05, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to rPSA-2007-0063-1.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23704024 Feedback>).
Updated: April 02, 2007
Not Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: April 02, 2007
Not Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: April 04, 2007
Not Affected
Kerberos is available for the AIX Operating System via Network Authentication Services for AIX. Network Authentication Services for AIX is not affected by the issues addressed in MITKRB5-SA-2007-002 [CVE-2007-0957, CERT/CC VU#704024].
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 06, 2007
Not Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Not Affected
Openwall GNU/*/Linux is not vulnerable. We don’t provide Kerberos.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 05, 2007
Not Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 04, 2007 Updated: April 04, 2007
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
View all 80 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This issue was reported in MIT krb5 Security Advisory MITKRB5-SA-2007-002. The MIT Kerberos Development Team credits iDefense Labs for reporting this issue.
This document was written by Chris Taschner.
CVE IDs: | CVE-2007-0957 |
---|---|
Severity Metric: | 16.96 Date Public: |
docs.info.apple.com/article.html?artnum=305391
secunia.com/advisories/24735/
secunia.com/advisories/24740/
secunia.com/advisories/24750/
secunia.com/advisories/24757/
secunia.com/advisories/24966/
secunia.com/advisories/25464/
securitytracker.com/alerts/2007/Apr/1017849.html
sunsolve.sun.com/search/document.do?assetkey=1-26-102930-1
web.mit.edu/kerberos/advisories/2007-002-patch.txt
web.mit.edu/kerberos/advisories/2007-002-patch.txt.asc
web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-002-syslog.txt
secure-support.novell.com/KanisaPlatform/Publishing/150/3618705_f.SAL_Public.html