Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-4000

The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.

Published

2007-09-05T10:17:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 8.5 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

6.8

Impact Score

10.0

Weaknesses

Type: Primary
CWE-824

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mit	kerberos_5	≤ 1.6.2	Yes
Operating System	fedoraproject	fedora	7	Yes

References

http://secunia.com/advisories/26676 Broken Link ([email protected])
http://secunia.com/advisories/26680 Broken Link ([email protected])
http://secunia.com/advisories/26700 Broken Link ([email protected])
http://secunia.com/advisories/26728 Broken Link ([email protected])
http://secunia.com/advisories/26783 Broken Link ([email protected])
http://secunia.com/advisories/26987 Broken Link ([email protected])
http://securityreason.com/securityalert/3092 Broken Link ([email protected])
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt Vendor Advisory ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml Third Party Advisory ([email protected])
http://www.kb.cert.org/vuls/id/377544 Third Party Advisory, US Government Resource ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2007:174 Broken Link ([email protected])
http://www.novell.com/linux/security/advisories/2007_19_sr.html Broken Link ([email protected])
http://www.redhat.com/support/errata/RHSA-2007-0858.html Third Party Advisory ([email protected])
http://www.securityfocus.com/archive/1/478794/100/0/threaded Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/25533 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1018647 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.vupen.com/english/advisories/2007/3051 Broken Link ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=250976 Issue Tracking ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/36438 Broken Link, VDB Entry ([email protected])
https://issues.rpath.com/browse/RPL-1696 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278 Broken Link ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html Mailing List ([email protected])
http://secunia.com/advisories/26676 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26680 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26700 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26728 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26783 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26987 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/3092 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/377544 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:174 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_19_sr.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0858.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/478794/100/0/threaded Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/25533 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1018647 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3051 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=250976 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36438 Broken Link, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-1696 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html Mailing List (af854a3a-2127-422b-91ae-364da2661108)