Vulnerability CVE-2007-4000


Published: 2007-09-05   Modified: 2012-02-12

Description:
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.

See advisories in our WLB2 database:
Topic
Author
Date
Low
MIT krb5 Security Advisory 2007-006
Massachusetts In...
06.09.2007

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:M/Au:S/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
8.5/10
10/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
MIT -> Kerberos 

 References:
http://securityreason.com/securityalert/3092
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml
http://www.kb.cert.org/vuls/id/377544
http://www.mandriva.com/security/advisories?name=MDKSA-2007:174
http://www.novell.com/linux/security/advisories/2007_19_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0858.html
http://www.securityfocus.com/archive/1/478794/100/0/threaded
http://www.securityfocus.com/bid/25533
http://www.securitytracker.com/id?1018647
http://www.vupen.com/english/advisories/2007/3051
https://bugzilla.redhat.com/show_bug.cgi?id=250976
https://exchange.xforce.ibmcloud.com/vulnerabilities/36438
https://issues.rpath.com/browse/RPL-1696
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html

Copyright 2022, cxsecurity.com

 

Back to Top