CVE-2007-2443 - Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library

CVE-2007-2443

Summary

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

References

Vulnerable Configurations

cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:-:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:patch_level1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:patch_level1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:patch_level2:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:patch_level2:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:patch_level3:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0:patch_level3:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:-:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:-:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

CVSS

Base:	8.3 (as of 02-02-2021 - 18:28)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
ADJACENT_NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:A/AC:L/Au:N/C:C/I:C/A:C

oval via4

accepted

2013-04-29T04:12:51.725-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:11277

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

accepted

2015-04-20T04:02:33.581-04:00

class

vulnerability

contributors

name Chandan M C
organization Hewlett-Packard
name Sushant Kumar Singh
organization Hewlett-Packard
name Sushant Kumar Singh
organization Hewlett-Packard
name Prashant Kumar
organization Hewlett-Packard
name Mike Cokus
organization The MITRE Corporation

description

family

unix

oval:org.mitre.oval:def:7131

status

accepted

submitted

2010-10-25T11:35:23.000-05:00

title

HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code

version

redhat via4

advisories

rhsa
id RHSA-2007:0384
rhsa
id RHSA-2007:0562

rpms

krb5-debuginfo-0:1.2.7-66
krb5-devel-0:1.2.2-47
krb5-devel-0:1.2.7-66
krb5-libs-0:1.2.2-47
krb5-libs-0:1.2.7-66
krb5-server-0:1.2.2-47
krb5-server-0:1.2.7-66
krb5-workstation-0:1.2.2-47
krb5-workstation-0:1.2.7-66
krb5-debuginfo-0:1.3.4-49
krb5-debuginfo-0:1.5-26
krb5-devel-0:1.3.4-49
krb5-devel-0:1.5-26
krb5-libs-0:1.3.4-49
krb5-libs-0:1.5-26
krb5-server-0:1.3.4-49
krb5-server-0:1.5-26
krb5-workstation-0:1.3.4-49
krb5-workstation-0:1.5-26

refmap via4

apple	APPLE-SA-2007-07-31
bid	24657 25159
bugtraq	20070626 MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities 20070628 FLEA-2007-0029-1: krb5 krb5-workstation 20070629 TSLSA-2007-0021 - kerberos5
cert	TA07-177A
cert-vn	VU#365313
confirm	http://docs.info.apple.com/article.html?artnum=306172 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2007-004.txt http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt https://issues.rpath.com/browse/RPL-1499 https://secure-support.novell.com/KanisaPlatform/Publishing/773/3248163_f.SAL_Public.html
debian	DSA-1323
fulldisc	20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
gentoo	GLSA-200707-11
hp	HPSBUX02544 SSRT100107
mandriva	MDKSA-2007:137
osvdb	36597
sectrack	1018293
secunia	25800 25801 25814 25821 25870 25888 25890 25894 25911 26033 26228 26235 26909 27706 40346
sgi	20070602-01-P
suse	SUSE-SA:2007:038
trustix	2007-0021
ubuntu	USN-477-1
vupen	ADV-2007-2337 ADV-2007-2491 ADV-2007-2732 ADV-2007-3229 ADV-2010-1574
xf	kerberos-gssrpcsvcauthunix-bo(35085)

Last major update

02-02-2021 - 18:28

Published

26-06-2007 - 22:30

Last modified

02-02-2021 - 18:28