Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-390
Vulnerability from certfr_avis
Deux vulnérabilités découvertes dans Kerberos 5 permettent l'exécution de code arbitraire à distance.
Description
Deux vulnérabilités ont été découvertes dans Kerberos 5 :
- un débordement de mémoire dans l'implémentation de RPCSEC_GSS permet l'exécution de code arbitraire à distance (référence CVE-2007-3999). D'autres applications utilisant la bibliothèque RPC fournie avec Kerberos 5 peuvent être affectées ;
- le serveur d'administration de Kerberos (kadmind) peut écrire des données dans un pointeur non initialisé (référence CVE-2007-4000). Cette vulnérabilité est spécifique à l'implémentation MIT de Kerberos.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Kerberos versions 5-1.4 à 5-1.6.2. La version 5-1.4 ainsi que la version déployée sur Sun Solaris ne sont pas concernées par la vulnérabilité référencée CVE-2007-4000.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003e\u003cSPAN class=\"textit\"\u003eKerberos\u003c/SPAN\u003e versions 5-1.4 \u00e0 5-1.6.2. La version 5-1.4 ainsi que la version d\u00e9ploy\u00e9e sur Sun Solaris ne sont pas concern\u00e9es par la vuln\u00e9rabilit\u00e9 r\u00e9f\u00e9renc\u00e9e CVE-2007-4000.\u003c/P\u003e",
"content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Kerberos 5 :\n\n- un d\u00e9bordement de m\u00e9moire dans l\u0027impl\u00e9mentation de RPCSEC_GSS permet\n l\u0027ex\u00e9cution de code arbitraire \u00e0 distance (r\u00e9f\u00e9rence CVE-2007-3999).\n D\u0027autres applications utilisant la biblioth\u00e8que RPC fournie avec\n Kerberos 5 peuvent \u00eatre affect\u00e9es ;\n- le serveur d\u0027administration de Kerberos (kadmind) peut \u00e9crire des\n donn\u00e9es dans un pointeur non initialis\u00e9 (r\u00e9f\u00e9rence CVE-2007-4000).\n Cette vuln\u00e9rabilit\u00e9 est sp\u00e9cifique \u00e0 l\u0027impl\u00e9mentation MIT de\n Kerberos.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-4000",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4000"
},
{
"name": "CVE-2007-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-3999"
}
],
"initial_release_date": "2007-09-06T00:00:00",
"last_revision_date": "2007-09-06T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Sun Solaris #103060 du 05 septembre 2007 :",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 du MIT MITKRB5-SA-2007-006 du 04 septembre 2007 :",
"url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt"
}
],
"reference": "CERTA-2007-AVI-390",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-09-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eKerberos\u003c/span\u003e 5 permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Kerberos",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 du MIT MITKRB5-SA-2007-006.txt du 04 septembre 2007",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sun 103060 du 05 septembre 2007",
"url": null
}
]
}
CVE-2007-4000 (GCVE-0-2007-4000)
Vulnerability from cvelistv5
Published
2007-09-05 10:00
Modified
2024-08-07 14:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200709-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml"
},
{
"name": "FEDORA-2007-2017",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html"
},
{
"name": "SUSE-SR:2007:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1696"
},
{
"name": "26680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26680"
},
{
"name": "26783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26783"
},
{
"name": "1018647",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018647"
},
{
"name": "ADV-2007-3051",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3051"
},
{
"name": "26728",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26728"
},
{
"name": "26700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26700"
},
{
"name": "25533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25533"
},
{
"name": "20070907 FLEA-2007-0050-1 krb5 krb5-workstation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478794/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250976"
},
{
"name": "26987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26987"
},
{
"name": "26676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26676"
},
{
"name": "kerberos-modifypolicy-code-execution(36438)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36438"
},
{
"name": "oval:org.mitre.oval:def:9278",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278"
},
{
"name": "RHSA-2007:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0858.html"
},
{
"name": "VU#377544",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/377544"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt"
},
{
"name": "3092",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3092"
},
{
"name": "MDKSA-2007:174",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:174"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the \"modify policy\" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200709-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml"
},
{
"name": "FEDORA-2007-2017",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html"
},
{
"name": "SUSE-SR:2007:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1696"
},
{
"name": "26680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26680"
},
{
"name": "26783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26783"
},
{
"name": "1018647",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018647"
},
{
"name": "ADV-2007-3051",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3051"
},
{
"name": "26728",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26728"
},
{
"name": "26700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26700"
},
{
"name": "25533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25533"
},
{
"name": "20070907 FLEA-2007-0050-1 krb5 krb5-workstation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478794/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250976"
},
{
"name": "26987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26987"
},
{
"name": "26676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26676"
},
{
"name": "kerberos-modifypolicy-code-execution(36438)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36438"
},
{
"name": "oval:org.mitre.oval:def:9278",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278"
},
{
"name": "RHSA-2007:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0858.html"
},
{
"name": "VU#377544",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/377544"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt"
},
{
"name": "3092",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3092"
},
{
"name": "MDKSA-2007:174",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:174"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the \"modify policy\" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200709-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml"
},
{
"name": "FEDORA-2007-2017",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html"
},
{
"name": "SUSE-SR:2007:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-1696",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1696"
},
{
"name": "26680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26680"
},
{
"name": "26783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26783"
},
{
"name": "1018647",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018647"
},
{
"name": "ADV-2007-3051",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3051"
},
{
"name": "26728",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26728"
},
{
"name": "26700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26700"
},
{
"name": "25533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25533"
},
{
"name": "20070907 FLEA-2007-0050-1 krb5 krb5-workstation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478794/100/0/threaded"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=250976",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250976"
},
{
"name": "26987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26987"
},
{
"name": "26676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26676"
},
{
"name": "kerberos-modifypolicy-code-execution(36438)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36438"
},
{
"name": "oval:org.mitre.oval:def:9278",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278"
},
{
"name": "RHSA-2007:0858",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0858.html"
},
{
"name": "VU#377544",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/377544"
},
{
"name": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt",
"refsource": "CONFIRM",
"url": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt"
},
{
"name": "3092",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3092"
},
{
"name": "MDKSA-2007:174",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:174"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4000",
"datePublished": "2007-09-05T10:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3999 (GCVE-0-2007-3999)
Vulnerability from cvelistv5
Published
2007-09-05 10:00
Modified
2024-08-07 14:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200709-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml"
},
{
"name": "FEDORA-2007-2017",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html"
},
{
"name": "20070912 ZDI-07-052: Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479251/100/0/threaded"
},
{
"name": "26713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26713"
},
{
"name": "26822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26822"
},
{
"name": "27043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27043"
},
{
"name": "ADV-2008-0803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0803/references"
},
{
"name": "26699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26699"
},
{
"name": "SUSE-SR:2007:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "ADV-2007-3060",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3060"
},
{
"name": "26680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26680"
},
{
"name": "26783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26783"
},
{
"name": "1018647",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018647"
},
{
"name": "26444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26444"
},
{
"name": "ADV-2007-3051",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3051"
},
{
"name": "27756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "26684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26684"
},
{
"name": "DSA-1367",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1367"
},
{
"name": "RHSA-2007:0951",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0951.html"
},
{
"name": "26728",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26728"
},
{
"name": "26700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26700"
},
{
"name": "oval:org.mitre.oval:def:3162",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3162"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250973"
},
{
"name": "26987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26987"
},
{
"name": "2007-0026",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "26676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26676"
},
{
"name": "oval:org.mitre.oval:def:9379",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9379"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"name": "USN-511-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-511-1"
},
{
"name": "27081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27081"
},
{
"name": "20070906 rPSA-2007-0179-1 krb5 krb5-server krb5-services krb5-test krb5-workstation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478748/100/0/threaded"
},
{
"name": "SUSE-SR:2007:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "29270",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29270"
},
{
"name": "FEDORA-2008-1017",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html"
},
{
"name": "201319",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201319-1"
},
{
"name": "ADV-2007-3868",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "GLSA-200710-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-01.xml"
},
{
"name": "RHSA-2007:0913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0913.html"
},
{
"name": "[security-announce] 20070906 rPSA-2007-0179-2 krb5 krb5-server krb5-services krb5-test krb5-workstation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.rpath.com/pipermail/security-announce/2007-September/000237.html"
},
{
"name": "DSA-1368",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1368"
},
{
"name": "RHSA-2007:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0858.html"
},
{
"name": "MDKSA-2007:181",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-052.html"
},
{
"name": "26691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26691"
},
{
"name": "26896",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt"
},
{
"name": "26697",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26697"
},
{
"name": "27146",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27146"
},
{
"name": "VU#883632",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/883632"
},
{
"name": "27643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27643"
},
{
"name": "ADV-2007-3052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3052"
},
{
"name": "kerberos-rpcsecgss-bo(36437)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36437"
},
{
"name": "25534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25534"
},
{
"name": "TA07-319A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
},
{
"name": "26705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26705"
},
{
"name": "3092",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm"
},
{
"name": "26792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26792"
},
{
"name": "29247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29247"
},
{
"name": "103060",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1"
},
{
"name": "MDKSA-2007:174",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:174"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200709-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml"
},
{
"name": "FEDORA-2007-2017",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html"
},
{
"name": "20070912 ZDI-07-052: Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479251/100/0/threaded"
},
{
"name": "26713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26713"
},
{
"name": "26822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26822"
},
{
"name": "27043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27043"
},
{
"name": "ADV-2008-0803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0803/references"
},
{
"name": "26699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26699"
},
{
"name": "SUSE-SR:2007:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "ADV-2007-3060",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3060"
},
{
"name": "26680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26680"
},
{
"name": "26783",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26783"
},
{
"name": "1018647",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018647"
},
{
"name": "26444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26444"
},
{
"name": "ADV-2007-3051",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3051"
},
{
"name": "27756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "26684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26684"
},
{
"name": "DSA-1367",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1367"
},
{
"name": "RHSA-2007:0951",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0951.html"
},
{
"name": "26728",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26728"
},
{
"name": "26700",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26700"
},
{
"name": "oval:org.mitre.oval:def:3162",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3162"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250973"
},
{
"name": "26987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26987"
},
{
"name": "2007-0026",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "26676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26676"
},
{
"name": "oval:org.mitre.oval:def:9379",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9379"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"name": "USN-511-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-511-1"
},
{
"name": "27081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27081"
},
{
"name": "20070906 rPSA-2007-0179-1 krb5 krb5-server krb5-services krb5-test krb5-workstation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478748/100/0/threaded"
},
{
"name": "SUSE-SR:2007:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "29270",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29270"
},
{
"name": "FEDORA-2008-1017",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html"
},
{
"name": "201319",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201319-1"
},
{
"name": "ADV-2007-3868",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "GLSA-200710-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-01.xml"
},
{
"name": "RHSA-2007:0913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0913.html"
},
{
"name": "[security-announce] 20070906 rPSA-2007-0179-2 krb5 krb5-server krb5-services krb5-test krb5-workstation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.rpath.com/pipermail/security-announce/2007-September/000237.html"
},
{
"name": "DSA-1368",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1368"
},
{
"name": "RHSA-2007:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0858.html"
},
{
"name": "MDKSA-2007:181",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-052.html"
},
{
"name": "26691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26691"
},
{
"name": "26896",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt"
},
{
"name": "26697",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26697"
},
{
"name": "27146",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27146"
},
{
"name": "VU#883632",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/883632"
},
{
"name": "27643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27643"
},
{
"name": "ADV-2007-3052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3052"
},
{
"name": "kerberos-rpcsecgss-bo(36437)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36437"
},
{
"name": "25534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25534"
},
{
"name": "TA07-319A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
},
{
"name": "26705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26705"
},
{
"name": "3092",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm"
},
{
"name": "26792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26792"
},
{
"name": "29247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29247"
},
{
"name": "103060",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1"
},
{
"name": "MDKSA-2007:174",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:174"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200709-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml"
},
{
"name": "FEDORA-2007-2017",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html"
},
{
"name": "20070912 ZDI-07-052: Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479251/100/0/threaded"
},
{
"name": "26713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26713"
},
{
"name": "26822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26822"
},
{
"name": "27043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27043"
},
{
"name": "ADV-2008-0803",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0803/references"
},
{
"name": "26699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26699"
},
{
"name": "SUSE-SR:2007:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "ADV-2007-3060",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3060"
},
{
"name": "26680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26680"
},
{
"name": "26783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26783"
},
{
"name": "1018647",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018647"
},
{
"name": "26444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26444"
},
{
"name": "ADV-2007-3051",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3051"
},
{
"name": "27756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27756"
},
{
"name": "26684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26684"
},
{
"name": "DSA-1367",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1367"
},
{
"name": "RHSA-2007:0951",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0951.html"
},
{
"name": "26728",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26728"
},
{
"name": "26700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26700"
},
{
"name": "oval:org.mitre.oval:def:3162",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3162"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=250973",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250973"
},
{
"name": "26987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26987"
},
{
"name": "2007-0026",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "26676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26676"
},
{
"name": "oval:org.mitre.oval:def:9379",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9379"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307041",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"name": "USN-511-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-511-1"
},
{
"name": "27081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27081"
},
{
"name": "20070906 rPSA-2007-0179-1 krb5 krb5-server krb5-services krb5-test krb5-workstation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478748/100/0/threaded"
},
{
"name": "SUSE-SR:2007:024",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "29270",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29270"
},
{
"name": "FEDORA-2008-1017",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html"
},
{
"name": "201319",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201319-1"
},
{
"name": "ADV-2007-3868",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "GLSA-200710-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200710-01.xml"
},
{
"name": "RHSA-2007:0913",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0913.html"
},
{
"name": "[security-announce] 20070906 rPSA-2007-0179-2 krb5 krb5-server krb5-services krb5-test krb5-workstation",
"refsource": "MLIST",
"url": "http://lists.rpath.com/pipermail/security-announce/2007-September/000237.html"
},
{
"name": "DSA-1368",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1368"
},
{
"name": "RHSA-2007:0858",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0858.html"
},
{
"name": "MDKSA-2007:181",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:181"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-052.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-052.html"
},
{
"name": "26691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26691"
},
{
"name": "26896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26896"
},
{
"name": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt",
"refsource": "CONFIRM",
"url": "http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt"
},
{
"name": "26697",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26697"
},
{
"name": "27146",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27146"
},
{
"name": "VU#883632",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/883632"
},
{
"name": "27643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27643"
},
{
"name": "ADV-2007-3052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3052"
},
{
"name": "kerberos-rpcsecgss-bo(36437)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36437"
},
{
"name": "25534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25534"
},
{
"name": "TA07-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
},
{
"name": "26705",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26705"
},
{
"name": "3092",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3092"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm"
},
{
"name": "26792",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26792"
},
{
"name": "29247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29247"
},
{
"name": "103060",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1"
},
{
"name": "MDKSA-2007:174",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:174"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3999",
"datePublished": "2007-09-05T10:00:00",
"dateReserved": "2007-07-25T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…