Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-2442HistoryJun 26, 2007 - 10:30 p.m.
CVE-2007-2442
2007-06-2622:30:00
Debian Security Bug Tracker
security-tracker.debian.org
11
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.6%
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | < 1.6.dfsg.1-5 | krb5_1.6.dfsg.1-5_all.deb |
| Debian | 11 | all | krb5 | < 1.6.dfsg.1-5 | krb5_1.6.dfsg.1-5_all.deb |
| Debian | 10 | all | krb5 | < 1.6.dfsg.1-5 | krb5_1.6.dfsg.1-5_all.deb |
| Debian | 999 | all | krb5 | < 1.6.dfsg.1-5 | krb5_1.6.dfsg.1-5_all.deb |
| Debian | 13 | all | krb5 | < 1.6.dfsg.1-5 | krb5_1.6.dfsg.1-5_all.deb |
Related
cve
cve
CVE-2007-2442
2007-06-26 22:30:00
cert
cert
prion
prion
Design/Logic Flaw
2007-06-26 22:30:00
nessus
nessus
Solaris 10 (x86) : 126837-01
2007-07-02 00:00:00
Solaris 10 (sparc) : 123809-02
2007-07-02 00:00:00
Solaris 10 (x86) : 126837-01
2018-03-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-2442
2007-06-26 00:00:00
securityvulns
securityvulns
MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities
2007-06-26 00:00:00
MIT Kerberos multiple security vulnerabilities
2007-06-27 00:00:00
oraclelinux
oraclelinux
Critical: krb5 security update
2007-06-27 00:00:00
Important: krb5 security update
2007-06-26 00:00:00
openvas
openvas
Mandriva Update for krb5 MDKSA-2007:137 (krb5)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200707-11 (mit-krb5)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-1323-1)
2008-01-17 00:00:00
ubuntu
ubuntu
krb5 vulnerabilities
2007-06-27 00:00:00
centos
centos
krb5 security update
2007-06-26 23:36:28
krb5 security update
2007-06-26 23:52:15
krb5 security update
2007-06-26 20:37:06
debian
debian
[SECURITY] [DSA 1323-1] New krb5 packages fix several vulnerabilities
2007-06-28 20:13:18
osv
osv
krb5
2007-06-28 00:00:00
suse
suse
remote code execution in krb5
2007-07-03 17:33:35
gentoo
gentoo
MIT Kerberos 5: Arbitrary remote code execution
2007-07-25 00:00:00
redhat
redhat
(RHSA-2007:0384) Critical: krb5 security update
2007-06-26 00:00:00
(RHSA-2007:0562) Important: krb5 security update
2007-06-26 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: krb5-1.5-21.1
2007-06-28 13:31:24
[SECURITY] Fedora 7 Update: krb5-1.6.1-2.1.fc7
2007-06-28 01:54:45
[SECURITY] Fedora 7 Update: krb5-1.6.1-3.fc7
2007-09-04 22:14:03
vmware
vmware
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.6%
Related for DEBIANCVE:CVE-2007-2442