CVE-2007-4743

NONECVSS 0.0

0.0

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

🔗 References (34)

secalert@redhathttp://article.gmane.org/gmane.comp.encryption.kerberos.announce/86
secalert@redhathttp://docs.info.apple.com/article.html?artnum=307041
secalert@redhathttp://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
secalert@redhathttp://secunia.com/advisories/26699
secalert@redhathttp://secunia.com/advisories/26987
secalert@redhathttp://secunia.com/advisories/27643
secalert@redhathttp://www.debian.org/security/2007/dsa-1387
secalert@redhathttp://www.novell.com/linux/security/advisories/2007_19_sr.html
secalert@redhathttp://www.redhat.com/support/errata/RHSA-2007-0892.html
secalert@redhathttp://www.securityfocus.com/archive/1/478748/100/0/threaded
secalert@redhathttp://www.securityfocus.com/archive/1/478794/100/0/threaded
secalert@redhathttp://www.securityfocus.com/bid/26444
secalert@redhathttp://www.ubuntu.com/usn/usn-511-2
secalert@redhathttp://www.us-cert.gov/cas/techalerts/TA07-319A.html
secalert@redhathttp://www.vupen.com/english/advisories/2007/3868

Is Your Infrastructure Affected by CVE-2007-4743?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4743

📅 Published

🔄 Last Modified

🔗 References (34)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4743?