Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-2443

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-26 Jun, 2007 | 22:00
Updated At-07 Aug, 2024 | 13:42
Rejected At-
Credits

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:26 Jun, 2007 | 22:00
Updated At:07 Aug, 2024 | 13:42
Rejected At:
▼CVE Numbering Authority (CNA)

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
mailing-list
x_refsource_FULLDISC
http://www.vupen.com/english/advisories/2007/2732
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/25894
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25801
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-477-1
vendor-advisory
x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2007/3229
vdb-entry
x_refsource_VUPEN
http://www.securityfocus.com/archive/1/472507/30/5970/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/25911
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25888
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277
vdb-entry
signature
x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2007-0384.html
vendor-advisory
x_refsource_REDHAT
https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
x_refsource_CONFIRM
http://secunia.com/advisories/25890
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2337
vdb-entry
x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/35085
vdb-entry
x_refsource_XF
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
vendor-advisory
x_refsource_APPLE
http://www.vupen.com/english/advisories/2007/2491
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/26228
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1574
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/26033
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200707-11.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/25800
third-party-advisory
x_refsource_SECUNIA
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
vendor-advisory
x_refsource_HP
http://www.securityfocus.com/bid/24657
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id?1018293
vdb-entry
x_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/365313
third-party-advisory
x_refsource_CERT-VN
http://www.debian.org/security/2007/dsa-1323
vendor-advisory
x_refsource_DEBIAN
http://www.trustix.org/errata/2007/0021/
vendor-advisory
x_refsource_TRUSTIX
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
x_refsource_CONFIRM
http://www.us-cert.gov/cas/techalerts/TA07-177A.html
third-party-advisory
x_refsource_CERT
http://www.novell.com/linux/security/advisories/2007_38_krb5.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/25870
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/26909
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1499
x_refsource_CONFIRM
http://secunia.com/advisories/27706
third-party-advisory
x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=306172
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-0562.html
vendor-advisory
x_refsource_REDHAT
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
vendor-advisory
x_refsource_HP
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/472432/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/25159
vdb-entry
x_refsource_BID
http://osvdb.org/36597
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/archive/1/472288/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/25814
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25821
third-party-advisory
x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
vendor-advisory
x_refsource_SGI
http://secunia.com/advisories/40346
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/26235
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/25894
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25801
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-477-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.vupen.com/english/advisories/2007/3229
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securityfocus.com/archive/1/472507/30/5970/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/25911
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25888
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0384.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/25890
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/2337
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35085
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.vupen.com/english/advisories/2007/2491
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/26228
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2010/1574
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/26033
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200707-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/25800
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.securityfocus.com/bid/24657
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id?1018293
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.kb.cert.org/vuls/id/365313
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.debian.org/security/2007/dsa-1323
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.trustix.org/errata/2007/0021/
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-177A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.novell.com/linux/security/advisories/2007_38_krb5.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/25870
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/26909
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1499
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/27706
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0562.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/472432/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/25159
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://osvdb.org/36597
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/archive/1/472288/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/25814
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25821
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://secunia.com/advisories/40346
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/26235
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131
Resource:
vdb-entry
signature
x_refsource_OVAL
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.vupen.com/english/advisories/2007/2732
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/25894
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25801
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-477-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.vupen.com/english/advisories/2007/3229
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securityfocus.com/archive/1/472507/30/5970/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/25911
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25888
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0384.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/25890
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/2337
vdb-entry
x_refsource_VUPEN
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/35085
vdb-entry
x_refsource_XF
x_transferred
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.vupen.com/english/advisories/2007/2491
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/26228
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2010/1574
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/26033
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200707-11.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/25800
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
vendor-advisory
x_refsource_HP
x_transferred
http://www.securityfocus.com/bid/24657
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id?1018293
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.kb.cert.org/vuls/id/365313
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.debian.org/security/2007/dsa-1323
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.trustix.org/errata/2007/0021/
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
x_refsource_CONFIRM
x_transferred
http://www.us-cert.gov/cas/techalerts/TA07-177A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.novell.com/linux/security/advisories/2007_38_krb5.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/25870
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/26909
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1499
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/27706
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://docs.info.apple.com/article.html?artnum=306172
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0562.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
vendor-advisory
x_refsource_HP
x_transferred
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/472432/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/25159
vdb-entry
x_refsource_BID
x_transferred
http://osvdb.org/36597
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/archive/1/472288/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/25814
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25821
third-party-advisory
x_refsource_SECUNIA
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://secunia.com/advisories/40346
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/26235
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/25894
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25801
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-477-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3229
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/472507/30/5970/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/25911
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25888
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0384.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/25890
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2337
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35085
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2491
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/26228
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1574
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/26033
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200707-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/25800
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.securityfocus.com/bid/24657
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018293
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/365313
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.debian.org/security/2007/dsa-1323
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.trustix.org/errata/2007/0021/
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-177A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_38_krb5.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/25870
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/26909
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1499
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/27706
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0562.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/472432/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/25159
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://osvdb.org/36597
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/472288/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/25814
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25821
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://secunia.com/advisories/40346
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/26235
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:26 Jun, 2007 | 22:30
Updated At:02 Feb, 2021 | 18:28

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.08.3HIGH
AV:A/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 8.3
Base severity: HIGH
Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>Versions up to 1.6.1(inclusive)
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.1
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.10
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>7.04
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asccve@mitre.org
Broken Link
http://docs.info.apple.com/article.html?artnum=306172cve@mitre.org
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427cve@mitre.org
Broken Link
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlcve@mitre.org
Mailing List
Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlcve@mitre.org
Third Party Advisory
http://osvdb.org/36597cve@mitre.org
Broken Link
http://secunia.com/advisories/25800cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25801cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25814cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25821cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25870cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25888cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25890cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25894cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25911cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/26033cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/26228cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/26235cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/26909cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27706cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/40346cve@mitre.org
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200707-11.xmlcve@mitre.org
Third Party Advisory
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txtcve@mitre.org
Patch
Vendor Advisory
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txtcve@mitre.org
Patch
Vendor Advisory
http://www.debian.org/security/2007/dsa-1323cve@mitre.org
Third Party Advisory
http://www.kb.cert.org/vuls/id/365313cve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137cve@mitre.org
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_38_krb5.htmlcve@mitre.org
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0384.htmlcve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0562.htmlcve@mitre.org
Third Party Advisory
http://www.securityfocus.com/archive/1/472288/100/0/threadedcve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/472432/100/0/threadedcve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/472507/30/5970/threadedcve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/24657cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/25159cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018293cve@mitre.org
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0021/cve@mitre.org
Broken Link
http://www.ubuntu.com/usn/usn-477-1cve@mitre.org
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-177A.htmlcve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2007/2337cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2491cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2732cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3229cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1574cve@mitre.org
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35085cve@mitre.org
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-1499cve@mitre.org
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277cve@mitre.org
Broken Link
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131cve@mitre.org
Broken Link
Third Party Advisory
https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.htmlcve@mitre.org
Broken Link
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://docs.info.apple.com/article.html?artnum=306172
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://osvdb.org/36597
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25800
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25801
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25814
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25821
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25870
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25888
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25890
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25894
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25911
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26033
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26228
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26235
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26909
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/27706
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/40346
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200707-11.xml
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2007/dsa-1323
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/365313
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.novell.com/linux/security/advisories/2007_38_krb5.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0384.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0562.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/archive/1/472288/100/0/threaded
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/archive/1/472432/100/0/threaded
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/archive/1/472507/30/5970/threaded
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/24657
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/25159
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018293
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.trustix.org/errata/2007/0021/
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.ubuntu.com/usn/usn-477-1
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-177A.html
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2007/2337
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/2491
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/2732
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/3229
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1574
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35085
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://issues.rpath.com/browse/RPL-1499
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11277
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7131
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
Hyperlink: https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
Source: cve@mitre.org
Resource:
Broken Link

Change History

0
Information is not available yet

Similar CVEs

4Records found
CVE-2010-3705
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.3||HIGH
EPSS-1.21% / 78.19%
||
7 Day CHG~0.00%
Published-26 Nov, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.Debian GNU/LinuxFedora Project
Product-linux_kernelfedoraubuntu_linuxdebian_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-28660
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.09% / 27.01%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 00:00
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Fedora ProjectDebian GNU/Linux
Product-h300eh500scloud_backuph300s_firmwareh410sh300ssolidfire_baseboard_management_controllerh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh700e_firmwaresolidfire_baseboard_management_controller_firmwareh700sn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-3846
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8||HIGH
EPSS-0.32% / 54.76%
||
7 Day CHG~0.00%
Published-03 Jun, 2019 | 18:25
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

Action-Not Available
Vendor-n/aFedora ProjectopenSUSECanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h610subuntu_linuxa700s_firmwaredebian_linuxlinux_kernelcn1610hci_management_nodeenterprise_linuxfedoraa700sh610s_firmwarecn1610_firmwareactive_iq_unified_manager_for_vmware_vspheresolidfireleapkernel
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17666
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 50.91%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 01:47
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Details not found