exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2007-2798

Status Candidate

Overview

Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.

Related Files

HP Security Bulletin HPSBUX02544 SSRT100107
Posted Jun 26, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service (DoS) or to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2010-1321
SHA-256 | 74962b06b4a33ce0a59c0eac814963277e24f8113b42042b84eecfd2ac0c3973
VMware Security Advisory 2007-0006
Posted Sep 20, 2007
Authored by VMware | Site vmware.com

VMware Security Advisory - Updates have been released for arbitrary code execution, denial of service, and other various vulnerabilities in VMware.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2007-2446, CVE-2007-2447, CVE-2007-0494, CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497, CVE-2007-1856, CVE-2006-1174, CVE-2006-4600, CVE-2004-0813, CVE-2007-1716
SHA-256 | f186f94a09bad9dba4b82b1daa59265b1954d193e8533587d0fe2348c1f58bec
Gentoo Linux Security Advisory 200707-11
Posted Jul 26, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200707-11 - kadmind is affected by multiple vulnerabilities in the RPC library shipped with MIT Kerberos 5. It fails to properly handle zero-length RPC credentials (CVE-2007-2442) and the RPC library can write past the end of the stack buffer (CVE-2007-2443). Furthermore kadmind fails to do proper bounds checking (CVE-2007-2798). Versions less than 1.5.2-r3 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
SHA-256 | 33f574675877e6e34e428ed47ba0d62856a4d1f17a20853263cf9c824e89339f
Mandriva Linux Security Advisory 2007.137
Posted Jun 30, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code. David Coffey also discovered an overflow flaw in the same RPC library. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code. Finally, a stack buffer overflow vulnerability was found in kadmind that allowed an unauthenticated user able to access kadmind the ability to trigger the vulnerability and possibly execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
SHA-256 | 6ee203dc438b51c0afd01d5826b729097fcdc9c2dfdd7f7bbb346792c992045f
Debian Linux Security Advisory 1323-1
Posted Jun 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1323-1 - Several remote vulnerabilities have been discovered in the MIT reference implementation of the Kerberos network authentication protocol suite, which may lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
SHA-256 | 59002f1f82964dfb79caa492994de6039dfa2f2cf4ccefbb3b58bbd0d0ec3c72
Ubuntu Security Notice 477-1
Posted Jun 29, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 477-1 - Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. Wei Wang discovered that the krb5 RPC library did not correctly check the size of certain communications. A remote attacker could send a specially crafted request to kadmind and execute arbitrary code with root privileges. It was discovered that the kadmind service could be made to overflow its stack. A remote attacker could send a specially crafted request and execute arbitrary code with root privileges.

tags | advisory, remote, denial of service, overflow, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
SHA-256 | a591496553000b28a37044bc3cf9fd441d414c58b1c93947c17cb964670cd2d1
iDEFENSE Security Advisory 2007-06-26.1
Posted Jun 29, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 06.26.07 - Remote exploitation of a buffer overflow vulnerability within MIT Kerberos kadmind allows attackers to execute arbitrary code with the privileges of the running service, usually root. The vulnerability specifically exists within the code responsible for handling requests to rename principals. The rename_principal_2_svc function fails to properly bounds-check user-supplied data before copying it to a fixed-size stack buffer. The vulnerable code is shown below. iDefense confirmed the existence of this vulnerability within MIT Kerberos 1.5-21 as distributed with the Fedora CORE 6 Linux distribution. It has also been confirmed via source code review to exist in version 1.5.3 and version 1.6.1. All other distributions, as well as those for other computing platforms are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, fedora
advisories | CVE-2007-2798
SHA-256 | be5f0849e7f1bf120b8913f668f5393a0b1f9c0b40b5028210fa1f9f8539974d
MITKRB5-SA-2007-005.txt
Posted Jun 29, 2007
Site web.mit.edu

MIT krb5 Security Advisory 2007-005 - The MIT krb5 Kerberos administration daemon (kadmind) is vulnerable to a stack buffer overflow.

tags | advisory, overflow
advisories | CVE-2007-2798
SHA-256 | 5915f86c61c9564dc34aa5cb655f913b024147f3860c66cbc95b45eba5a08091
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close