CVE-2007-2442 - Vulnerability Details

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Mit	Kerberos 5
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:3.1:::::::*
	cpe:2.3:o:debian:debian_linux:4.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
krb5-0:1.2.2-47	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2007:0384	2007-06-26T00:00:00Z
Red Hat Enterprise Linux 3
krb5-0:1.2.7-66	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:0384	2007-06-26T00:00:00Z
Red Hat Enterprise Linux 4
krb5-0:1.3.4-49	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0562	2007-06-26T00:00:00Z
Red Hat Enterprise Linux 5
krb5-0:1.5-26	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0562	2007-06-26T00:00:00Z

References

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://docs.info.apple.com/article.html?artnum=306172
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://osvdb.org/36596
http://secunia.com/advisories/25800
http://secunia.com/advisories/25801
http://secunia.com/advisories/25814
http://secunia.com/advisories/25821
http://secunia.com/advisories/25841
http://secunia.com/advisories/25870
http://secunia.com/advisories/25888
http://secunia.com/advisories/25890
http://secunia.com/advisories/25894
http://secunia.com/advisories/25911
http://secunia.com/advisories/26033
http://secunia.com/advisories/26228
http://secunia.com/advisories/26235
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://secunia.com/advisories/40346
http://security.gentoo.org/glsa/glsa-200707-11.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
http://www.debian.org/security/2007/dsa-1323
http://www.kb.cert.org/vuls/id/356961
http://www.mandriva.com/security/advisories?name=MDKSA-2007:137
http://www.novell.com/linux/security/advisories/2007_38_krb5.html
http://www.redhat.com/support/errata/RHSA-2007-0384.html
http://www.redhat.com/support/errata/RHSA-2007-0562.html
http://www.securityfocus.com/archive/1/472288/100/0/threaded
http://www.securityfocus.com/archive/1/472432/100/0/threaded
http://www.securityfocus.com/archive/1/472507/30/5970/threaded
http://www.securityfocus.com/bid/24655
http://www.securityfocus.com/bid/25159
http://www.securitytracker.com/id?1018293
http://www.trustix.org/errata/2007/0021/
http://www.ubuntu.com/usn/usn-477-1
http://www.us-cert.gov/cas/techalerts/TA07-177A.html
http://www.vupen.com/english/advisories/2007/2337
http://www.vupen.com/english/advisories/2007/2354
http://www.vupen.com/english/advisories/2007/2491
http://www.vupen.com/english/advisories/2007/2732
http://www.vupen.com/english/advisories/2007/3229
http://www.vupen.com/english/advisories/2010/1574
https://exchange.xforce.ibmcloud.com/vulnerabilities/35082
https://issues.rpath.com/browse/RPL-1499
https://nvd.nist.gov/vuln/detail/CVE-2007-2442
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344
https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
https://www.cve.org/CVERecord?id=CVE-2007-2442

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-26T22:00:00

Updated: 2024-08-07T13:42:32.340Z

Reserved: 2007-05-02T00:00:00

Link: CVE-2007-2442

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-06-26T22:30:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-2442

Redhat

Severity : Important

Publid Date: 2007-06-26T00:00:00Z

Links: CVE-2007-2442 - Bugzilla

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-06-26T00:00:00", "descriptions": [{"lang": "en", "value": "The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "kerberos-gssrpcsvcauthgssapi-code-execution(35082)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35082"}, {"name": "ADV-2007-2732", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "25894", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25894"}, {"name": "oval:org.mitre.oval:def:10631", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631"}, {"name": "25801", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25801"}, {"name": "USN-477-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-477-1"}, {"name": "VU#356961", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/356961"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "20070629 TSLSA-2007-0021 - kerberos5", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/472507/30/5970/threaded"}, {"name": "25911", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25911"}, {"name": "25888", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25888"}, {"name": "36596", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/36596"}, {"name": "RHSA-2007:0384", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0384.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html"}, {"name": "25890", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25890"}, {"name": "ADV-2007-2337", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2337"}, {"name": "APPLE-SA-2007-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "ADV-2007-2491", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2491"}, {"name": "26228", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26228"}, {"name": "ADV-2010-1574", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1574"}, {"name": "oval:org.mitre.oval:def:7344", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344"}, {"name": "26033", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26033"}, {"name": "GLSA-200707-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200707-11.xml"}, {"name": "25800", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25800"}, {"name": "SSRT100107", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"name": "1018293", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018293"}, {"name": "DSA-1323", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1323"}, {"name": "2007-0021", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2007/0021/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt"}, {"name": "TA07-177A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-177A.html"}, {"name": "SUSE-SA:2007:038", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_38_krb5.html"}, {"name": "25870", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25870"}, {"name": "MDKSA-2007:137", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:137"}, {"name": "26909", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26909"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1499"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27706"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "ADV-2007-2354", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2354"}, {"name": "RHSA-2007:0562", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0562.html"}, {"name": "HPSBUX02544", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt"}, {"name": "102914", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1"}, {"name": "20070628 FLEA-2007-0029-1: krb5 krb5-workstation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/472432/100/0/threaded"}, {"name": "25159", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25159"}, {"name": "20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/472288/100/0/threaded"}, {"name": "25814", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25814"}, {"name": "25821", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25821"}, {"name": "20070602-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"}, {"name": "40346", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40346"}, {"name": "25841", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25841"}, {"name": "26235", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26235"}, {"name": "24655", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24655"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2442", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "kerberos-gssrpcsvcauthgssapi-code-execution(35082)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35082"}, {"name": "ADV-2007-2732", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "25894", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25894"}, {"name": "oval:org.mitre.oval:def:10631", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631"}, {"name": "25801", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25801"}, {"name": "USN-477-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-477-1"}, {"name": "VU#356961", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/356961"}, {"name": "ADV-2007-3229", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "20070629 TSLSA-2007-0021 - kerberos5", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/472507/30/5970/threaded"}, {"name": "25911", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25911"}, {"name": "25888", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25888"}, {"name": "36596", "refsource": "OSVDB", "url": "http://osvdb.org/36596"}, {"name": "RHSA-2007:0384", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0384.html"}, {"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html", "refsource": "CONFIRM", "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html"}, {"name": "25890", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25890"}, {"name": "ADV-2007-2337", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2337"}, {"name": "APPLE-SA-2007-07-31", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "ADV-2007-2491", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2491"}, {"name": "26228", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26228"}, {"name": "ADV-2010-1574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1574"}, {"name": "oval:org.mitre.oval:def:7344", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344"}, {"name": "26033", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26033"}, {"name": "GLSA-200707-11", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200707-11.xml"}, {"name": "25800", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25800"}, {"name": "SSRT100107", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"name": "1018293", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018293"}, {"name": "DSA-1323", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1323"}, {"name": "2007-0021", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2007/0021/"}, {"name": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt"}, {"name": "TA07-177A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-177A.html"}, {"name": "SUSE-SA:2007:038", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_38_krb5.html"}, {"name": "25870", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25870"}, {"name": "MDKSA-2007:137", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:137"}, {"name": "26909", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26909"}, {"name": "https://issues.rpath.com/browse/RPL-1499", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1499"}, {"name": "27706", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27706"}, {"name": "http://docs.info.apple.com/article.html?artnum=306172", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "ADV-2007-2354", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2354"}, {"name": "RHSA-2007:0562", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0562.html"}, {"name": "HPSBUX02544", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt", "refsource": "CONFIRM", "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt"}, {"name": "102914", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1"}, {"name": "20070628 FLEA-2007-0029-1: krb5 krb5-workstation", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/472432/100/0/threaded"}, {"name": "25159", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25159"}, {"name": "20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/472288/100/0/threaded"}, {"name": "25814", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25814"}, {"name": "25821", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25821"}, {"name": "20070602-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"}, {"name": "40346", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40346"}, {"name": "25841", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25841"}, {"name": "26235", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26235"}, {"name": "24655", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24655"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:32.340Z"}, "title": "CVE Program Container", "references": [{"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"name": "kerberos-gssrpcsvcauthgssapi-code-execution(35082)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35082"}, {"name": "ADV-2007-2732", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"name": "25894", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25894"}, {"name": "oval:org.mitre.oval:def:10631", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631"}, {"name": "25801", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25801"}, {"name": "USN-477-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-477-1"}, {"name": "VU#356961", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/356961"}, {"name": "ADV-2007-3229", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"name": "20070629 TSLSA-2007-0021 - kerberos5", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/472507/30/5970/threaded"}, {"name": "25911", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25911"}, {"name": "25888", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25888"}, {"name": "36596", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/36596"}, {"name": "RHSA-2007:0384", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0384.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html"}, {"name": "25890", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25890"}, {"name": "ADV-2007-2337", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2337"}, {"name": "APPLE-SA-2007-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"name": "ADV-2007-2491", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2491"}, {"name": "26228", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26228"}, {"name": "ADV-2010-1574", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1574"}, {"name": "oval:org.mitre.oval:def:7344", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344"}, {"name": "26033", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26033"}, {"name": "GLSA-200707-11", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200707-11.xml"}, {"name": "25800", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25800"}, {"name": "SSRT100107", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"name": "1018293", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018293"}, {"name": "DSA-1323", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1323"}, {"name": "2007-0021", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2007/0021/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt"}, {"name": "TA07-177A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-177A.html"}, {"name": "SUSE-SA:2007:038", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_38_krb5.html"}, {"name": "25870", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25870"}, {"name": "MDKSA-2007:137", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:137"}, {"name": "26909", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26909"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1499"}, {"name": "27706", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27706"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"name": "ADV-2007-2354", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2354"}, {"name": "RHSA-2007:0562", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0562.html"}, {"name": "HPSBUX02544", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt"}, {"name": "102914", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1"}, {"name": "20070628 FLEA-2007-0029-1: krb5 krb5-workstation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/472432/100/0/threaded"}, {"name": "25159", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25159"}, {"name": "20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/472288/100/0/threaded"}, {"name": "25814", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25814"}, {"name": "25821", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25821"}, {"name": "20070602-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"}, {"name": "40346", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40346"}, {"name": "25841", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25841"}, {"name": "26235", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26235"}, {"name": "24655", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24655"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2442", "datePublished": "2007-06-26T22:00:00", "dateReserved": "2007-05-02T00:00:00", "dateUpdated": "2024-08-07T13:42:32.340Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2007-06-26T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-16T14:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html (string)

}

1 : { »

name : kerberos-gssrpcsvcauthgssapi-code-execution(35082) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/35082 (string)

}

2 : { »

name : ADV-2007-2732 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/2732 (string)

}

3 : { »

name : 25894 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25894 (string)

}

4 : { »

name : oval:org.mitre.oval:def:10631 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631 (string)

}

5 : { »

name : 25801 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25801 (string)

}

6 : { »

name : USN-477-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : http://www.ubuntu.com/usn/usn-477-1 (string)

}

7 : { »

name : VU#356961 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT-VN (string)

]

url : http://www.kb.cert.org/vuls/id/356961 (string)

}

8 : { »

name : ADV-2007-3229 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/3229 (string)

}

9 : { »

name : 20070629 TSLSA-2007-0021 - kerberos5 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/472507/30/5970/threaded (string)

}

10 : { »

name : 25911 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25911 (string)

}

11 : { »

name : 25888 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25888 (string)

}

12 : { »

name : 36596 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/36596 (string)

}

13 : { »

name : RHSA-2007:0384 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0384.html (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html (string)

}

15 : { »

name : 25890 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25890 (string)

}

16 : { »

name : ADV-2007-2337 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/2337 (string)

}

17 : { »

name : APPLE-SA-2007-07-31 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_APPLE (string)

]

url : http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html (string)

}

18 : { »

name : ADV-2007-2491 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/2491 (string)

}

19 : { »

name : 26228 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/26228 (string)

}

20 : { »

name : ADV-2010-1574 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2010/1574 (string)

}

21 : { »

name : oval:org.mitre.oval:def:7344 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344 (string)

}

22 : { »

name : 26033 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/26033 (string)

}

23 : { »

name : GLSA-200707-11 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : http://security.gentoo.org/glsa/glsa-200707-11.xml (string)

}

24 : { »

name : 25800 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25800 (string)

}

25 : { »

name : SSRT100107 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

26 : { »

name : 1018293 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1018293 (string)

}

27 : { »

name : DSA-1323 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2007/dsa-1323 (string)

}

28 : { »

name : 2007-0021 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_TRUSTIX (string)

]

url : http://www.trustix.org/errata/2007/0021/ (string)

}

29 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt (string)

}

30 : { »

name : TA07-177A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA07-177A.html (string)

}

31 : { »

name : SUSE-SA:2007:038 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://www.novell.com/linux/security/advisories/2007_38_krb5.html (string)

}

32 : { »

name : 25870 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25870 (string)

}

33 : { »

name : MDKSA-2007:137 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 (string)

}

34 : { »

name : 26909 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/26909 (string)

}

35 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://issues.rpath.com/browse/RPL-1499 (string)

}

36 : { »

name : 27706 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/27706 (string)

}

37 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://docs.info.apple.com/article.html?artnum=306172 (string)

}

38 : { »

name : ADV-2007-2354 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/2354 (string)

}

39 : { »

name : RHSA-2007:0562 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0562.html (string)

}

40 : { »

name : HPSBUX02544 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

41 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt (string)

}

42 : { »

name : 102914 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUNALERT (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1 (string)

}

43 : { »

name : 20070628 FLEA-2007-0029-1: krb5 krb5-workstation (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/472432/100/0/threaded (string)

}

44 : { »

name : 25159 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/25159 (string)

}

45 : { »

name : 20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/472288/100/0/threaded (string)

}

46 : { »

name : 25814 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25814 (string)

}

47 : { »

name : 25821 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25821 (string)

}

48 : { »

name : 20070602-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc (string)

}

49 : { »

name : 40346 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/40346 (string)

}

50 : { »

name : 25841 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25841 (string)

}

51 : { »

name : 26235 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/26235 (string)

}

52 : { »

name : 24655 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/24655 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2007-2442 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player (string)

refsource : FULLDISC (string)

url : http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html (string)

}

1 : { »

name : kerberos-gssrpcsvcauthgssapi-code-execution(35082) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/35082 (string)

}

2 : { »

name : ADV-2007-2732 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/2732 (string)

}

3 : { »

name : 25894 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25894 (string)

}

4 : { »

name : oval:org.mitre.oval:def:10631 (string)

refsource : OVAL (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631 (string)

}

5 : { »

name : 25801 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25801 (string)

}

6 : { »

name : USN-477-1 (string)

refsource : UBUNTU (string)

url : http://www.ubuntu.com/usn/usn-477-1 (string)

}

7 : { »

name : VU#356961 (string)

refsource : CERT-VN (string)

url : http://www.kb.cert.org/vuls/id/356961 (string)

}

8 : { »

name : ADV-2007-3229 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/3229 (string)

}

9 : { »

name : 20070629 TSLSA-2007-0021 - kerberos5 (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/472507/30/5970/threaded (string)

}

10 : { »

name : 25911 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25911 (string)

}

11 : { »

name : 25888 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25888 (string)

}

12 : { »

name : 36596 (string)

refsource : OSVDB (string)

url : http://osvdb.org/36596 (string)

}

13 : { »

name : RHSA-2007:0384 (string)

refsource : REDHAT (string)

url : http://www.redhat.com/support/errata/RHSA-2007-0384.html (string)

}

14 : { »

name : https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html (string)

refsource : CONFIRM (string)

url : https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html (string)

}

15 : { »

name : 25890 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25890 (string)

}

16 : { »

name : ADV-2007-2337 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/2337 (string)

}

17 : { »

name : APPLE-SA-2007-07-31 (string)

refsource : APPLE (string)

url : http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html (string)

}

18 : { »

name : ADV-2007-2491 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/2491 (string)

}

19 : { »

name : 26228 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/26228 (string)

}

20 : { »

name : ADV-2010-1574 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2010/1574 (string)

}

21 : { »

name : oval:org.mitre.oval:def:7344 (string)

refsource : OVAL (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344 (string)

}

22 : { »

name : 26033 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/26033 (string)

}

23 : { »

name : GLSA-200707-11 (string)

refsource : GENTOO (string)

url : http://security.gentoo.org/glsa/glsa-200707-11.xml (string)

}

24 : { »

name : 25800 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25800 (string)

}

25 : { »

name : SSRT100107 (string)

refsource : HP (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

26 : { »

name : 1018293 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1018293 (string)

}

27 : { »

name : DSA-1323 (string)

refsource : DEBIAN (string)

url : http://www.debian.org/security/2007/dsa-1323 (string)

}

28 : { »

name : 2007-0021 (string)

refsource : TRUSTIX (string)

url : http://www.trustix.org/errata/2007/0021/ (string)

}

29 : { »

name : http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt (string)

refsource : CONFIRM (string)

url : http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt (string)

}

30 : { »

name : TA07-177A (string)

refsource : CERT (string)

url : http://www.us-cert.gov/cas/techalerts/TA07-177A.html (string)

}

31 : { »

name : SUSE-SA:2007:038 (string)

refsource : SUSE (string)

url : http://www.novell.com/linux/security/advisories/2007_38_krb5.html (string)

}

32 : { »

name : 25870 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25870 (string)

}

33 : { »

name : MDKSA-2007:137 (string)

refsource : MANDRIVA (string)

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 (string)

}

34 : { »

name : 26909 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/26909 (string)

}

35 : { »

name : https://issues.rpath.com/browse/RPL-1499 (string)

refsource : CONFIRM (string)

url : https://issues.rpath.com/browse/RPL-1499 (string)

}

36 : { »

name : 27706 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/27706 (string)

}

37 : { »

name : http://docs.info.apple.com/article.html?artnum=306172 (string)

refsource : CONFIRM (string)

url : http://docs.info.apple.com/article.html?artnum=306172 (string)

}

38 : { »

name : ADV-2007-2354 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/2354 (string)

}

39 : { »

name : RHSA-2007:0562 (string)

refsource : REDHAT (string)

url : http://www.redhat.com/support/errata/RHSA-2007-0562.html (string)

}

40 : { »

name : HPSBUX02544 (string)

refsource : HP (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

41 : { »

name : http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt (string)

refsource : CONFIRM (string)

url : http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt (string)

}

42 : { »

name : 102914 (string)

refsource : SUNALERT (string)

url : http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1 (string)

}

43 : { »

name : 20070628 FLEA-2007-0029-1: krb5 krb5-workstation (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/472432/100/0/threaded (string)

}

44 : { »

name : 25159 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/25159 (string)

}

45 : { »

name : 20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/472288/100/0/threaded (string)

}

46 : { »

name : 25814 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25814 (string)

}

47 : { »

name : 25821 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25821 (string)

}

48 : { »

name : 20070602-01-P (string)

refsource : SGI (string)

url : ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc (string)

}

49 : { »

name : 40346 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/40346 (string)

}

50 : { »

name : 25841 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25841 (string)

}

51 : { »

name : 26235 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/26235 (string)

}

52 : { »

name : 24655 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/24655 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T13:42:32.340Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

2 : x_transferred (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html (string)

}

1 : { »

name : kerberos-gssrpcsvcauthgssapi-code-execution(35082) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/35082 (string)

}

2 : { »

name : ADV-2007-2732 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/2732 (string)

}

3 : { »

name : 25894 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25894 (string)

}

4 : { »

name : oval:org.mitre.oval:def:10631 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631 (string)

}

5 : { »

name : 25801 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25801 (string)

}

6 : { »

name : USN-477-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : http://www.ubuntu.com/usn/usn-477-1 (string)

}

7 : { »

name : VU#356961 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT-VN (string)

2 : x_transferred (string)

]

url : http://www.kb.cert.org/vuls/id/356961 (string)

}

8 : { »

name : ADV-2007-3229 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/3229 (string)

}

9 : { »

name : 20070629 TSLSA-2007-0021 - kerberos5 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/472507/30/5970/threaded (string)

}

10 : { »

name : 25911 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25911 (string)

}

11 : { »

name : 25888 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25888 (string)

}

12 : { »

name : 36596 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/36596 (string)

}

13 : { »

name : RHSA-2007:0384 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0384.html (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html (string)

}

15 : { »

name : 25890 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25890 (string)

}

16 : { »

name : ADV-2007-2337 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/2337 (string)

}

17 : { »

name : APPLE-SA-2007-07-31 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_APPLE (string)

2 : x_transferred (string)

]

url : http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html (string)

}

18 : { »

name : ADV-2007-2491 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/2491 (string)

}

19 : { »

name : 26228 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/26228 (string)

}

20 : { »

name : ADV-2010-1574 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2010/1574 (string)

}

21 : { »

name : oval:org.mitre.oval:def:7344 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344 (string)

}

22 : { »

name : 26033 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/26033 (string)

}

23 : { »

name : GLSA-200707-11 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : http://security.gentoo.org/glsa/glsa-200707-11.xml (string)

}

24 : { »

name : 25800 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25800 (string)

}

25 : { »

name : SSRT100107 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

26 : { »

name : 1018293 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1018293 (string)

}

27 : { »

name : DSA-1323 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2007/dsa-1323 (string)

}

28 : { »

name : 2007-0021 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_TRUSTIX (string)

2 : x_transferred (string)

]

url : http://www.trustix.org/errata/2007/0021/ (string)

}

29 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt (string)

}

30 : { »

name : TA07-177A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

2 : x_transferred (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA07-177A.html (string)

}

31 : { »

name : SUSE-SA:2007:038 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://www.novell.com/linux/security/advisories/2007_38_krb5.html (string)

}

32 : { »

name : 25870 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25870 (string)

}

33 : { »

name : MDKSA-2007:137 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

2 : x_transferred (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 (string)

}

34 : { »

name : 26909 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/26909 (string)

}

35 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://issues.rpath.com/browse/RPL-1499 (string)

}

36 : { »

name : 27706 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/27706 (string)

}

37 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://docs.info.apple.com/article.html?artnum=306172 (string)

}

38 : { »

name : ADV-2007-2354 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/2354 (string)

}

39 : { »

name : RHSA-2007:0562 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0562.html (string)

}

40 : { »

name : HPSBUX02544 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

41 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt (string)

}

42 : { »

name : 102914 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUNALERT (string)

2 : x_transferred (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1 (string)

}

43 : { »

name : 20070628 FLEA-2007-0029-1: krb5 krb5-workstation (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/472432/100/0/threaded (string)

}

44 : { »

name : 25159 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/25159 (string)

}

45 : { »

name : 20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/472288/100/0/threaded (string)

}

46 : { »

name : 25814 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25814 (string)

}

47 : { »

name : 25821 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25821 (string)

}

48 : { »

name : 20070602-01-P (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SGI (string)

2 : x_transferred (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc (string)

}

49 : { »

name : 40346 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/40346 (string)

}

50 : { »

name : 25841 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25841 (string)

}

51 : { »

name : 26235 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/26235 (string)

}

52 : { »

name : 24655 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/24655 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2007-2442 (string)

datePublished : 2007-06-26T22:00:00 (string)

dateReserved : 2007-05-02T00:00:00 (string)

dateUpdated : 2024-08-07T13:42:32.340Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "matchCriteriaId": "5012F249-04E4-4558-8F22-54567626FE25", "versionEndIncluding": "1.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup."}, {"lang": "es", "value": "La funci\u00f3n gssrpc__svcauth_gssapi en la librer\u00eda RPC de MIT Kerberos 5 (krb5) 1.6.1 y anteriores podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante credenciales RPC de longitud cero, lo cual provoca que kadmind libere un puntero no inicializado durante la limpieza."}], "id": "CVE-2007-2442", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-06-26T22:30:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://osvdb.org/36596"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25800"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25801"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25814"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25821"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25841"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25870"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25888"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25890"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25894"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25911"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26033"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26228"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26235"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26909"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/27706"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/40346"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200707-11.xml"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1323"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/356961"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:137"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2007_38_krb5.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0384.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0562.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/472288/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/472432/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/472507/30/5970/threaded"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/24655"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/25159"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1018293"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.trustix.org/errata/2007/0021/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-477-1"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-177A.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2337"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2354"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2491"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1574"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35082"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1499"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://docs.info.apple.com/article.html?artnum=306172"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/36596"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25800"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25814"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25821"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25841"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25870"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25888"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25890"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25894"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/25911"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26228"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26235"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/26909"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/27706"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/40346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200707-11.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1323"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/356961"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:137"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.novell.com/linux/security/advisories/2007_38_krb5.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0384.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0562.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/472288/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/472432/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/472507/30/5970/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/24655"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/25159"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1018293"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.trustix.org/errata/2007/0021/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-477-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-177A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2337"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2354"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2491"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2732"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3229"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1574"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35082"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1499"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-824"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5012F249-04E4-4558-8F22-54567626FE25 (string)

versionEndIncluding : 1.6.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 0F92AB32-E7DE-43F4-B877-1F41FA162EC7 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* (string)

matchCriteriaId : 454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:* (string)

matchCriteriaId : 23E304C9-F780-4358-A58D-1E4C93977704 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* (string)

matchCriteriaId : 6EBDAFF8-DE44-4E80-B6BD-E341F767F501 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

}

1 : { »

lang : es (string)

value : La función gssrpc__svcauth_gssapi en la librería RPC de MIT Kerberos 5 (krb5) 1.6.1 y anteriores podría permitir a atacantes remotos ejecutar código de su elección mediante credenciales RPC de longitud cero, lo cual provoca que kadmind libere un puntero no inicializado durante la limpieza. (string)

}

]

id : CVE-2007-2442 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 10 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2007-06-26T22:30:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://docs.info.apple.com/article.html?artnum=306172 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html (string)

}

5 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html (string)

}

6 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://osvdb.org/36596 (string)

}

7 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25800 (string)

}

8 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25801 (string)

}

9 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25814 (string)

}

10 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25821 (string)

}

11 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25841 (string)

}

12 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25870 (string)

}

13 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25888 (string)

}

14 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25890 (string)

}

15 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25894 (string)

}

16 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25911 (string)

}

17 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26033 (string)

}

18 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26228 (string)

}

19 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26235 (string)

}

20 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26909 (string)

}

21 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27706 (string)

}

22 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/40346 (string)

}

23 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://security.gentoo.org/glsa/glsa-200707-11.xml (string)

}

24 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1 (string)

}

25 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt (string)

}

26 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt (string)

}

27 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2007/dsa-1323 (string)

}

28 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

2 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/356961 (string)

}

29 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 (string)

}

30 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.novell.com/linux/security/advisories/2007_38_krb5.html (string)

}

31 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0384.html (string)

}

32 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0562.html (string)

}

33 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/472288/100/0/threaded (string)

}

34 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/472432/100/0/threaded (string)

}

35 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/472507/30/5970/threaded (string)

}

36 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/24655 (string)

}

37 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/25159 (string)

}

38 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1018293 (string)

}

39 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.trustix.org/errata/2007/0021/ (string)

}

40 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.ubuntu.com/usn/usn-477-1 (string)

}

41 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Patch (string)

2 : Third Party Advisory (string)

3 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA07-177A.html (string)

}

42 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2337 (string)

}

43 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2354 (string)

}

44 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2491 (string)

}

45 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2732 (string)

}

46 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/3229 (string)

}

47 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2010/1574 (string)

}

48 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/35082 (string)

}

49 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : https://issues.rpath.com/browse/RPL-1499 (string)

}

50 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631 (string)

}

51 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344 (string)

}

52 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html (string)

}

53 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc (string)

}

54 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://docs.info.apple.com/article.html?artnum=306172 (string)

}

55 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

56 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 (string)

}

57 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html (string)

}

58 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html (string)

}

59 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://osvdb.org/36596 (string)

}

60 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25800 (string)

}

61 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25801 (string)

}

62 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25814 (string)

}

63 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25821 (string)

}

64 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25841 (string)

}

65 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25870 (string)

}

66 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25888 (string)

}

67 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25890 (string)

}

68 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25894 (string)

}

69 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/25911 (string)

}

70 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26033 (string)

}

71 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26228 (string)

}

72 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26235 (string)

}

73 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/26909 (string)

}

74 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27706 (string)

}

75 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/40346 (string)

}

76 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://security.gentoo.org/glsa/glsa-200707-11.xml (string)

}

77 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1 (string)

}

78 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt (string)

}

79 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt (string)

}

80 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2007/dsa-1323 (string)

}

81 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

2 : US Government Resource (string)

]

url : http://www.kb.cert.org/vuls/id/356961 (string)

}

82 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 (string)

}

83 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.novell.com/linux/security/advisories/2007_38_krb5.html (string)

}

84 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0384.html (string)

}

85 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.redhat.com/support/errata/RHSA-2007-0562.html (string)

}

86 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/472288/100/0/threaded (string)

}

87 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/472432/100/0/threaded (string)

}

88 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/472507/30/5970/threaded (string)

}

89 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/24655 (string)

}

90 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/25159 (string)

}

91 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1018293 (string)

}

92 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://www.trustix.org/errata/2007/0021/ (string)

}

93 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.ubuntu.com/usn/usn-477-1 (string)

}

94 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Patch (string)

2 : Third Party Advisory (string)

3 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA07-177A.html (string)

}

95 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2337 (string)

}

96 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2354 (string)

}

97 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2491 (string)

}

98 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/2732 (string)

}

99 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2007/3229 (string)

}

100 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2010/1574 (string)

}

101 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/35082 (string)

}

102 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://issues.rpath.com/browse/RPL-1499 (string)

}

103 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10631 (string)

}

104 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7344 (string)

}

105 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-824 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2007:0384", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "krb5-0:1.2.2-47", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2007-06-26T00:00:00Z"}, {"advisory": "RHSA-2007:0384", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "krb5-0:1.2.7-66", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2007-06-26T00:00:00Z"}, {"advisory": "RHSA-2007:0562", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "krb5-0:1.3.4-49", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-06-26T00:00:00Z"}, {"advisory": "RHSA-2007:0562", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "krb5-0:1.5-26", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-06-26T00:00:00Z"}], "bugzilla": {"description": "krb5 RPC library unitialized pointer free", "id": "245547", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=245547"}, "csaw": false, "details": ["The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup."], "name": "CVE-2007-2442", "public_date": "2007-06-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-2442\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-2442"], "threat_severity": "Important"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2007:0384 (string)

cpe : cpe:/o:redhat:enterprise_linux:2.1 (string)

package : krb5-0:1.2.2-47 (string)

product_name : Red Hat Enterprise Linux 2.1 (string)

release_date : 2007-06-26T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2007:0384 (string)

cpe : cpe:/o:redhat:enterprise_linux:3 (string)

package : krb5-0:1.2.7-66 (string)

product_name : Red Hat Enterprise Linux 3 (string)

release_date : 2007-06-26T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2007:0562 (string)

cpe : cpe:/o:redhat:enterprise_linux:4 (string)

package : krb5-0:1.3.4-49 (string)

product_name : Red Hat Enterprise Linux 4 (string)

release_date : 2007-06-26T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2007:0562 (string)

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

package : krb5-0:1.5-26 (string)

product_name : Red Hat Enterprise Linux 5 (string)

release_date : 2007-06-26T00:00:00Z (string)

}

]

bugzilla : { »

description : krb5 RPC library unitialized pointer free (string)

id : 245547 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=245547 (string)

}

csaw : false (boolean)

details : [ »

0 : The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup. (string)

]

name : CVE-2007-2442 (string)

public_date : 2007-06-26T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2007-2442 https://nvd.nist.gov/vuln/detail/CVE-2007-2442 (string)

]

threat_severity : Important (string)

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object