CVE-2007-4743
krb5 incomplete fix for CVE-2007-3999
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.
El parche original para la CVE-2007-3999 en el svc_auth_gss.c de la librería RPCSEC_GSS RPC en el MIT Kerberos 5 (krb5) 1.4 hasta el 1.6.2, como el utilizado en el demonio de administración del Kerberos (kadmind) y otras aplicaciones que utlizan el krb5, no verifica correctamente la longitud del búfer en algunos entornos y arquitecturas, lo que puede permitir a atacantes remotos llevar a cabo un ataque de desbordamiento de búfer.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-09-06 CVE Reserved
- 2007-09-06 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (19)
| URL | Tag | Source |
|---|---|---|
| http://docs.info.apple.com/article.html?artnum=307041 | X_refsource_confirm | |
| http://secunia.com/advisories/26699 | Third Party Advisory | |
| http://secunia.com/advisories/26987 | Third Party Advisory | |
| http://secunia.com/advisories/27643 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/478748/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/478794/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/26444 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA07-319A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2007/3868 | Vdb Entry | |
| https://issues.rpath.com/browse/RPL-1696 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10239 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://article.gmane.org/gmane.comp.encryption.kerberos.announce/86 | 2020-01-21 |
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html | 2020-01-21 | |
| http://www.debian.org/security/2007/dsa-1387 | 2020-01-21 | |
| http://www.novell.com/linux/security/advisories/2007_19_sr.html | 2020-01-21 | |
| http://www.redhat.com/support/errata/RHSA-2007-0892.html | 2020-01-21 | |
| http://www.ubuntu.com/usn/usn-511-2 | 2020-01-21 | |
| https://access.redhat.com/security/cve/CVE-2007-4743 | 2007-09-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=281561 | 2007-09-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.4 Search vendor "Mit" for product "Kerberos 5" and version "1.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.4.1 Search vendor "Mit" for product "Kerberos 5" and version "1.4.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.4.2 Search vendor "Mit" for product "Kerberos 5" and version "1.4.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.4.3 Search vendor "Mit" for product "Kerberos 5" and version "1.4.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.4.4 Search vendor "Mit" for product "Kerberos 5" and version "1.4.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.5 Search vendor "Mit" for product "Kerberos 5" and version "1.5" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.5.1 Search vendor "Mit" for product "Kerberos 5" and version "1.5.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.5.2 Search vendor "Mit" for product "Kerberos 5" and version "1.5.2" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.5.3 Search vendor "Mit" for product "Kerberos 5" and version "1.5.3" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6 Search vendor "Mit" for product "Kerberos 5" and version "1.6" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6.1 Search vendor "Mit" for product "Kerberos 5" and version "1.6.1" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | 1.6.2 Search vendor "Mit" for product "Kerberos 5" and version "1.6.2" | - |
Affected
| ||||||