Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Mit
  • Kerberos 5
Redhat
  • Enterprise Linux

Configuration 1 [-]

OR cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 4
nfs-utils-lib-0:1.0.6-8.z1 cpe:/o:redhat:enterprise_linux:4 RHSA-2007:0913 2007-09-19T00:00:00Z
Red Hat Enterprise Linux 5
krb5-0:1.5-29 cpe:/o:redhat:enterprise_linux:5 RHSA-2007:0858 2007-09-04T00:00:00Z
nfs-utils-lib-0:1.0.8-7.2.z2 cpe:/o:redhat:enterprise_linux:5 RHSA-2007:0951 2007-10-02T00:00:00Z
References
Link Providers
http://docs.info.apple.com/article.html?artnum=307041 cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html cve-icon cve-icon
http://lists.rpath.com/pipermail/security-announce/2007-September/000237.html cve-icon cve-icon
http://secunia.com/advisories/26676 cve-icon cve-icon
http://secunia.com/advisories/26680 cve-icon cve-icon
http://secunia.com/advisories/26684 cve-icon cve-icon
http://secunia.com/advisories/26691 cve-icon cve-icon
http://secunia.com/advisories/26697 cve-icon cve-icon
http://secunia.com/advisories/26699 cve-icon cve-icon
http://secunia.com/advisories/26700 cve-icon cve-icon
http://secunia.com/advisories/26705 cve-icon cve-icon
http://secunia.com/advisories/26713 cve-icon cve-icon
http://secunia.com/advisories/26728 cve-icon cve-icon
http://secunia.com/advisories/26783 cve-icon cve-icon
http://secunia.com/advisories/26792 cve-icon cve-icon
http://secunia.com/advisories/26822 cve-icon cve-icon
http://secunia.com/advisories/26896 cve-icon cve-icon
http://secunia.com/advisories/26987 cve-icon cve-icon
http://secunia.com/advisories/27043 cve-icon cve-icon
http://secunia.com/advisories/27081 cve-icon cve-icon
http://secunia.com/advisories/27146 cve-icon cve-icon
http://secunia.com/advisories/27643 cve-icon cve-icon
http://secunia.com/advisories/27756 cve-icon cve-icon
http://secunia.com/advisories/29247 cve-icon cve-icon
http://secunia.com/advisories/29270 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200710-01.xml cve-icon cve-icon
http://securityreason.com/securityalert/3092 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201319-1 cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm cve-icon cve-icon
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt cve-icon cve-icon
http://www.debian.org/security/2007/dsa-1367 cve-icon cve-icon
http://www.debian.org/security/2007/dsa-1368 cve-icon cve-icon
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml cve-icon cve-icon
http://www.kb.cert.org/vuls/id/883632 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2007:174 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDKSA-2007:181 cve-icon cve-icon
http://www.novell.com/linux/security/advisories/2007_19_sr.html cve-icon cve-icon
http://www.novell.com/linux/security/advisories/2007_24_sr.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2007-0858.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2007-0913.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2007-0951.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/478748/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/479251/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/25534 cve-icon cve-icon
http://www.securityfocus.com/bid/26444 cve-icon cve-icon
http://www.securitytracker.com/id?1018647 cve-icon cve-icon
http://www.trustix.org/errata/2007/0026/ cve-icon cve-icon
http://www.ubuntu.com/usn/usn-511-1 cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA07-319A.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/3051 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/3052 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/3060 cve-icon cve-icon
http://www.vupen.com/english/advisories/2007/3868 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/0803/references cve-icon cve-icon
http://www.zerodayinitiative.com/advisories/ZDI-07-052.html cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=250973 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/36437 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2007-3999 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3162 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9379 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2007-3999 cve-icon
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html cve-icon cve-icon
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-09-05T10:00:00

Updated: 2024-08-07T14:37:05.912Z

Reserved: 2007-07-25T00:00:00

Link: CVE-2007-3999

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-09-05T10:17:00.000

Modified: 2020-01-21T15:45:47.303

Link: CVE-2007-3999

cve-icon Redhat

Severity : Important

Publid Date: 2007-09-04T19:00:00Z

Links: CVE-2007-3999 - Bugzilla