CVE-2007-3999

HIGH

Description

Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.

ID	Name	Product	Family	Severity
67582	Oracle Linux 5 : nfs-utils-lib (ELSA-2007-0951)	Nessus	Oracle Linux Local Security Checks	critical
67575	Oracle Linux 4 : nfs-utils-lib (ELSA-2007-0913)	Nessus	Oracle Linux Local Security Checks	critical
67571	Oracle Linux 5 : krb5 (ELSA-2007-0892)	Nessus	Oracle Linux Local Security Checks	critical
67562	Oracle Linux 5 : krb5 (ELSA-2007-0858)	Nessus	Oracle Linux Local Security Checks	critical
60260	Scientific Linux Security Update : nfs-utils-lib on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
60253	Scientific Linux Security Update : nfs-utils-lib on SL4.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
60248	Scientific Linux Security Update : krb5 on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
43655	CentOS 5 : nfs-utils-lib (CESA-2007:0951)	Nessus	CentOS Local Security Checks	critical
43652	CentOS 5 : krb5 (CESA-2007:0892)	Nessus	CentOS Local Security Checks	critical
43650	CentOS 5 : krb5 (CESA-2007:0858)	Nessus	CentOS Local Security Checks	critical
31362	Fedora 8 : libtirpc-0.1.7-15.fc8 (2008-1017)	Nessus	Fedora Local Security Checks	critical
29510	SuSE 10 Security Update : librpcsecgss (ZYPP Patch Number 4601)	Nessus	SuSE Local Security Checks	critical
29494	SuSE 10 Security Update : Kerberos (ZYPP Patch Number 4192)	Nessus	SuSE Local Security Checks	critical
4284	Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)	Nessus Network Monitor	Operating System Detection	critical
28212	Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)	Nessus	MacOS X Local Security Checks	critical
28176	openSUSE 10 Security Update : librpcsecgss (librpcsecgss-4600)	Nessus	SuSE Local Security Checks	critical
28115	Ubuntu 6.06 LTS / 6.10 / 7.04 : krb5, librpcsecgss vulnerability (USN-511-1)	Nessus	Ubuntu Local Security Checks	critical
27744	Fedora 7 : krb5-1.6.1-3.fc7 (2007-2017)	Nessus	Fedora Local Security Checks	critical
27310	openSUSE 10 Security Update : krb5 (krb5-4191)	Nessus	SuSE Local Security Checks	critical
27081	Solaris 10 (x86) : 126662-02	Nessus	Solaris Local Security Checks	critical
26941	GLSA-200710-01 : RPCSEC_GSS library: Buffer overflow	Nessus	Gentoo Local Security Checks	critical
26907	RHEL 5 : nfs-utils-lib (RHSA-2007:0951)	Nessus	Red Hat Local Security Checks	critical
26162	Solaris 10 (sparc) : 126661-02	Nessus	Solaris Local Security Checks	critical
26112	RHEL 4 : nfs-utils-lib (RHSA-2007:0913)	Nessus	Red Hat Local Security Checks	critical
26077	CentOS 4 : nfs-utils-lib (CESA-2007:0913)	Nessus	CentOS Local Security Checks	critical
26052	RHEL 5 : krb5 (RHSA-2007:0892)	Nessus	Red Hat Local Security Checks	critical
26048	Mandrake Linux Security Advisory : librpcsecgss (MDKSA-2007:181)	Nessus	Mandriva Local Security Checks	critical
26041	GLSA-200709-01 : MIT Kerberos 5: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
26029	Debian DSA-1368-1 : librpcsecgss - buffer overflow	Nessus	Debian Local Security Checks	critical
26006	Mandrake Linux Security Advisory : krb5 (MDKSA-2007:174-1)	Nessus	Mandriva Local Security Checks	critical
25987	RHEL 5 : krb5 (RHSA-2007:0858)	Nessus	Red Hat Local Security Checks	critical
25974	Debian DSA-1367-1 : krb5 - buffer overflow	Nessus	Debian Local Security Checks	critical
25652	Solaris 8 (x86) : 126929-02	Nessus	Solaris Local Security Checks	critical
25650	Solaris 8 (sparc) : 126928-02	Nessus	Solaris Local Security Checks	critical

CVE-2007-3999

Description

References

Details

Risk Information

CVSS v2.0