// For flags

CVE-2007-4743

krb5 incomplete fix for CVE-2007-3999

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

El parche original para la CVE-2007-3999 en el svc_auth_gss.c de la librería RPCSEC_GSS RPC en el MIT Kerberos 5 (krb5) 1.4 hasta el 1.6.2, como el utilizado en el demonio de administración del Kerberos (kadmind) y otras aplicaciones que utlizan el krb5, no verifica correctamente la longitud del búfer en algunos entornos y arquitecturas, lo que puede permitir a atacantes remotos llevar a cabo un ataque de desbordamiento de búfer.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-09-06 CVE Reserved
  • 2007-09-06 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-08-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.4
Search vendor "Mit" for product "Kerberos 5" and version "1.4"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.4.1
Search vendor "Mit" for product "Kerberos 5" and version "1.4.1"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.4.2
Search vendor "Mit" for product "Kerberos 5" and version "1.4.2"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.4.3
Search vendor "Mit" for product "Kerberos 5" and version "1.4.3"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.4.4
Search vendor "Mit" for product "Kerberos 5" and version "1.4.4"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.5
Search vendor "Mit" for product "Kerberos 5" and version "1.5"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.5.1
Search vendor "Mit" for product "Kerberos 5" and version "1.5.1"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.5.2
Search vendor "Mit" for product "Kerberos 5" and version "1.5.2"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.5.3
Search vendor "Mit" for product "Kerberos 5" and version "1.5.3"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.6
Search vendor "Mit" for product "Kerberos 5" and version "1.6"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.6.1
Search vendor "Mit" for product "Kerberos 5" and version "1.6.1"
-
Affected
Mit
Search vendor "Mit"
Kerberos 5
Search vendor "Mit" for product "Kerberos 5"
1.6.2
Search vendor "Mit" for product "Kerberos 5" and version "1.6.2"
-
Affected