what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2007-3999

Status Candidate

Overview

Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.

Related Files

Debian Linux Security Advisory 1387-1
Posted Oct 15, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1387-1 - It has been discovered that the original patch for a buffer overflow in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (DSA-1368-1) was insufficient to protect from arbitrary code execution in some environments.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2007-4743, CVE-2007-3999
SHA-256 | 50340db3d4f805bcb3c5658fae5d3bac545c80c6847e50ed51e7ec67dc91cd72
Gentoo Linux Security Advisory 200710-1
Posted Oct 5, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-01 - A stack based buffer overflow has been discovered in the svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when processing an overly long string in a RPC message. Versions less than 0.16 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3999
SHA-256 | 5dcb345310412b72c5ee993c17657da7411898965c17fe4fe7957de2cfc7e000
Mandriva Linux Security Advisory 2007.181
Posted Sep 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPCSEC_GSS RPC library by Tenable Network Security that could potentially allow for the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3999
SHA-256 | fcb6d093bfd1297505d92ab2f4a3e29b414561911105c5fe46ae25a93ef65eaf
Zero Day Initiative Advisory 07-052
Posted Sep 13, 2007
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MIT Kerberos. Authentication is not required to exploit this vulnerability. The specific flaw exists in the svcauth_gss_validate() function. By sending a large authentication context over RPC, a stack based buffer overflow occurs, resulting in a situation allowing for remote code execution.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2007-3999
SHA-256 | 4f27736766dd291c21626e29d205e6321ce49701a70947701679ef544a592165
Gentoo Linux Security Advisory 200709-1
Posted Sep 11, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-01 - A stack buffer overflow (CVE-2007-3999) has been reported in svcauth_gss_validate() of the RPC library of kadmind. Another vulnerability (CVE-2007-4000) has been found in kadm5_modify_policy_internal(), which does not check the return values of krb5_db_get_policy() correctly. Versions less than 1.5.3-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | 069944d06e3a8b3634e84b6d6ae791d61b76bde151ac2d5c0ca18b8f9799be32
Mandriva Linux Security Advisory 2007.174
Posted Sep 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher. The MIT Kerberos Team found a problem with the originally published patch for CVE-2007-3999. A remote unauthenticated attacker able to access kadmind could trigger this flaw and cause kadmind to crash.

tags | advisory, remote, overflow
systems | linux, mandriva
advisories | CVE-2007-3999, CVE-2007-4000, CVE-2007-4743
SHA-256 | 419c6d6e4703fc5ed341977474f79acb6d9a9c8398ff622b03be2b6d07615035
Ubuntu Security Notice 511-2
Posted Sep 8, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 511-2 - USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.

tags | advisory, remote, arbitrary, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3999
SHA-256 | 27c26c3a9ce917d976ca3105c865961730631a1995d3534b318b86cc5835fe0b
Mandriva Linux Security Advisory 2007.174
Posted Sep 7, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash. This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash. This issue is only applicable to Kerberos 1.5 and higher.

tags | advisory, remote, overflow
systems | linux, mandriva
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | 7839c4448b99e57a7f492e378a6ad5baca1dad3f52b9ef03b4aab569950e4949
Debian Linux Security Advisory 1367-2
Posted Sep 7, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1367-2 - It was discovered that a buffer overflow of the RPC library of the MIT Kerberos reference implementation allows the execution of arbitrary code. The original patch from DSA-1367-1 didn't address the problem fully.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3999
SHA-256 | 02889d46694d4dd63e73b1eed3d5fd7953777711b963bc78658c5cf8d4d2a7c2
MITKRB5-SA-2007-006-2.txt
Posted Sep 6, 2007
Site web.mit.edu

MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected. Updated version of the original advisory with a fixed patch.

tags | advisory, overflow
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | c517f29d3963a74e5996d51015499a26393ca2069f0a85df1eae3889e291d2f7
Ubuntu Security Notice 511-1
Posted Sep 5, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 511-1 - It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2007-3999
SHA-256 | f0d7e4ecea696f4102b26905f36c0d52aa0613151223915446ef7b82a70cd029
MITKRB5-SA-2007-006.txt
Posted Sep 5, 2007
Site web.mit.edu

MIT krb5 Security Advisory 2007-006 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow in the RPCSEC_GSS authentication flavor of the RPC library. Third-party applications using the RPC library provided with MIT krb5 may also be affected.

tags | advisory, overflow
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | 1a9330f6b961fff2fb28514f62dcab6e7a9f0930d3de7df2541edeccbfb12714
Debian Linux Security Advisory 1368-1
Posted Sep 5, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1368-1 - It was discovered that a buffer overflow of the library for secure RPC communication over the rpcsec_gss protocol allows the execution of arbitrary code.

tags | advisory, overflow, arbitrary, protocol
systems | linux, debian
advisories | CVE-2007-3999
SHA-256 | aed845c797f5025a8a4299c8252dd1d88db3a5b4bc75aac695af2eb6b8c500a1
Debian Linux Security Advisory 1367-1
Posted Sep 5, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1367-1 - It was discovered that a buffer overflow of the RPC library of the MIT Kerberos reference implementation allows the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-3999
SHA-256 | cd01caddd3a22f930c7f7473a213387fdb5b8eba41ab240f88b43be5cbdf4620
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close