CVE-2007-4000

HIGH

Description

The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.

References

http://secunia.com/advisories/26676

http://secunia.com/advisories/26680

http://secunia.com/advisories/26700

http://secunia.com/advisories/26728

http://secunia.com/advisories/26783

http://secunia.com/advisories/26987

http://securityreason.com/securityalert/3092

http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt

http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml

http://www.kb.cert.org/vuls/id/377544

http://www.mandriva.com/security/advisories?name=MDKSA-2007:174

http://www.novell.com/linux/security/advisories/2007_19_sr.html

http://www.redhat.com/support/errata/RHSA-2007-0858.html

http://www.securityfocus.com/archive/1/478794/100/0/threaded

http://www.securityfocus.com/bid/25533

http://www.securitytracker.com/id?1018647

http://www.vupen.com/english/advisories/2007/3051

https://bugzilla.redhat.com/show_bug.cgi?id=250976

https://exchange.xforce.ibmcloud.com/vulnerabilities/36438

https://issues.rpath.com/browse/RPL-1696

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278

https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html

Details

Source: MITRE

Published: 2007-09-05

Updated: 2018-10-15

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 6.8

Severity: HIGH