CVE-2007-2798 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-2798
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2798

Description: Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/35080 UBUNTU http://www.ubuntu.com/usn/usn-477-1 TRUSTIX http://www.trustix.org/errata/2007/0021/ SUSE http://www.novell.com/linux/security/advisories/2007_38_krb5.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102985-1 ST 1018295 SGI SAID Secunia Advisory: SA26228 Secunia Advisory: SA25911 Secunia Advisory: SA25888 Secunia Advisory: SA25814 Secunia Advisory: SA25801 Secunia Advisory: SA25800 Secunia Advisory: SA25894 Secunia Advisory: SA25890 Secunia Advisory: SA25875 Secunia Advisory: SA25821 Secunia Advisory: SA25870 Secunia Advisory: SA26235 Secunia Advisory: SA26033 Secunia Advisory: SA26909 Secunia Advisory: SA27706 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0562.html http://www.redhat.com/support/errata/RHSA-2007-0384.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1726 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=548 GENTOO http://security.gentoo.org/glsa/glsa-200707-11.xml FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html DEBIAN http://www.debian.org/security/2007/dsa-1323 CONFIRM http://docs.info.apple.com/article.html?artnum=306172 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-005.txt CERT-VN 554257 CERT http://www.us-cert.gov/cas/techalerts/TA07-177A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/472507/30/5970/threaded http://www.securityfocus.com/archive/1/archive/1/472432/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/472289/100/0/threaded BID 25159 24653 APPLE http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Return to the previous page.