Rapid7 Vulnerability & Exploit Database

USN-511-2: Kerberos vulnerability

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-511-2: Kerberos vulnerability

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

09/06/2007

Created

07/25/2018

Added

05/06/2013

Modified

07/09/2020

Description

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

Solution(s)

ubuntu-upgrade-libkadm55
ubuntu-upgrade-librpcsecgss3

References

https://attackerkb.com/topics/cve-2007-4743
APPLE-SA-2007-11-14
26444
TA07-319A
CVE - 2007-4743
DSA-1387
OVAL10239
RHSA-2007:0892
USN-511-2

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

USN-511-2: Kerberos vulnerability

USN-511-2: Kerberos vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.