← Voltar para CVEs
CVE-2007-4000
N/ADescricao
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado9/5/2007
Ultima modificacao4/23/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
fedoraproject:fedoramit:kerberos_5
Fraquezas (CWE)
CWE-824
Referencias
http://secunia.com/advisories/26676(cve@mitre.org)
http://secunia.com/advisories/26680(cve@mitre.org)
http://secunia.com/advisories/26700(cve@mitre.org)
http://secunia.com/advisories/26728(cve@mitre.org)
http://secunia.com/advisories/26783(cve@mitre.org)
http://secunia.com/advisories/26987(cve@mitre.org)
http://securityreason.com/securityalert/3092(cve@mitre.org)
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml(cve@mitre.org)
http://www.kb.cert.org/vuls/id/377544(cve@mitre.org)
http://www.redhat.com/support/errata/RHSA-2007-0858.html(cve@mitre.org)
http://www.securityfocus.com/archive/1/478794/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/25533(cve@mitre.org)
http://www.securitytracker.com/id?1018647(cve@mitre.org)
http://www.vupen.com/english/advisories/2007/3051(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=250976(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36438(cve@mitre.org)
https://issues.rpath.com/browse/RPL-1696(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278(cve@mitre.org)
http://secunia.com/advisories/26676(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26680(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26700(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26728(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26783(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26987(af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/3092(af854a3a-2127-422b-91ae-364da2661108)
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/377544(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:174(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_19_sr.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0858.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/478794/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/25533(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1018647(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3051(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=250976(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36438(af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-1696(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278(af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.