
CVE ID: CVE-2007-4743
Description: The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.
Test IDs: 1.3.6.1.4.1.25623.1.0.59201  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-4743
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
BugTraq ID: 26444
http://www.securityfocus.com/bid/26444
Bugtraq: 20070906 rPSA-2007-0179-1 krb5 krb5-server krb5-services krb5-test krb5-workstation
http://www.securityfocus.com/archive/1/478748/100/0/threaded
Bugtraq: 20070907 FLEA-2007-0050-1 krb5 krb5-workstation
http://www.securityfocus.com/archive/1/478794/100/0/threaded
Cert/CC Advisory: TA07-319A
http://www.us-cert.gov/cas/techalerts/TA07-319A.html
Debian Security Information: DSA-1387
http://www.debian.org/security/2007/dsa-1387
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10239
RedHat Security Advisories: RHSA-2007:0892
http://www.redhat.com/support/errata/RHSA-2007-0892.html
http://secunia.com/advisories/26699
http://secunia.com/advisories/26987
http://secunia.com/advisories/27643
SuSE Security Announcement: SUSE-SR:2007:019
http://www.novell.com/linux/security/advisories/2007_19_sr.html
http://www.ubuntu.com/usn/usn-511-2
http://www.vupen.com/english/advisories/2007/3868




© 1998-2024 E-Soft Inc. All rights reserved.