Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-4000HistorySep 05, 2007 - 10:17 a.m.
CVE-2007-4000
2007-09-0510:17:00
Debian Security Bug Tracker
security-tracker.debian.org
11
0.338 Low
EPSS
Percentile
97.1%
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the βmodify policyβ privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | krb5 | <Β 1.6.dfsg.1-7 | krb5_1.6.dfsg.1-7_all.deb |
| Debian | 11 | all | krb5 | <Β 1.6.dfsg.1-7 | krb5_1.6.dfsg.1-7_all.deb |
| Debian | 10 | all | krb5 | <Β 1.6.dfsg.1-7 | krb5_1.6.dfsg.1-7_all.deb |
| Debian | 999 | all | krb5 | <Β 1.6.dfsg.1-7 | krb5_1.6.dfsg.1-7_all.deb |
| Debian | 13 | all | krb5 | <Β 1.6.dfsg.1-7 | krb5_1.6.dfsg.1-7_all.deb |
Related
prion
prion
Null pointer dereference
2007-09-05 10:17:00
cve
cve
CVE-2007-4000
2007-09-05 10:17:00
cvelist
cvelist
CVE-2007-4000
2007-09-05 10:00:00
seebug
seebug
MIT Kerberos 5 KAdminDζε‘η¨εΊζͺεε§εζιθΏη¨δ»£η ζ§θ‘ζΌζ΄
2007-09-06 00:00:00
ubuntucve
ubuntucve
CVE-2007-4000
2007-09-05 00:00:00
CVE-2007-4743
2007-09-06 00:00:00
cert
cert
MIT Kerberos 5 kadmind privilege escalation vulnerability
2007-09-04 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: krb5-1.5-22.fc6
2007-09-04 21:28:43
[SECURITY] Fedora 7 Update: krb5-1.6.1-3.fc7
2007-09-04 22:14:03
[SECURITY] Fedora 7 Update: krb5-1.6.1-4.fc7
2007-09-07 17:21:06
nessus
nessus
SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4192)
2007-12-13 00:00:00
GLSA-200709-01 : MIT Kerberos 5: Multiple vulnerabilities
2007-09-14 00:00:00
openSUSE 10 Security Update : krb5 (krb5-4191)
2007-10-17 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200709-01 (mit-krb5)
2008-09-24 00:00:00
Mandriva Update for krb5 MDKSA-2007:174 (krb5)
2009-04-09 00:00:00
Fedora Update for krb5 FEDORA-2007-690
2009-02-27 00:00:00
redhat
redhat
(RHSA-2007:0858) Important: krb5 security update
2007-09-04 00:00:00
oraclelinux
oraclelinux
Important: krb5 security update
2007-09-04 00:00:00
gentoo
gentoo
MIT Kerberos 5: Multiple vulnerabilities
2007-09-11 00:00:00
centos
centos
krb5 security update
2007-09-05 00:50:27