Vulnerability Note VU#883632
MIT Kerberos 5 kadmind buffer overflow vulnerability
An unspecified vulnerability in MIT Kerberos kadmind server may allow an attacker to execute arbitrary code.
Kerberos is a network authentication system that uses a trusted third party to authenticate clients and servers to each other. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. MIT Kerberos code is used in network applications from a variety of different vendors and is included in many UNIX and Linux distributions. The kadmind daemon is the administration server that runs on the master Kerberos server.
From the kadmind manual page:
Note that per MITKRB5-SA-2007-006, versions of kerberos prior to krb5-1.5 are not affected.
A remote, unauthenticated attacker may be able to execute arbitrary code.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Debian GNU/Linux||Affected||24 Aug 2007||05 Sep 2007|
|Gentoo Linux||Affected||24 Aug 2007||26 Oct 2007|
|MIT Kerberos Development Team||Affected||23 Aug 2007||04 Sep 2007|
|Red Hat, Inc.||Affected||24 Aug 2007||06 Sep 2007|
|Sun Microsystems, Inc.||Affected||24 Aug 2007||06 Sep 2007|
|SUSE Linux||Affected||24 Aug 2007||06 Sep 2007|
|Microsoft Corporation||Not Affected||24 Aug 2007||04 Sep 2007|
|Apple Computer, Inc.||Unknown||24 Aug 2007||24 Aug 2007|
|AttachmateWRQ, Inc.||Unknown||24 Aug 2007||24 Aug 2007|
|Conectiva Inc.||Unknown||24 Aug 2007||24 Aug 2007|
|Cray Inc.||Unknown||24 Aug 2007||24 Aug 2007|
|CyberSafe, Inc.||Unknown||24 Aug 2007||24 Aug 2007|
|EMC Corporation||Unknown||24 Aug 2007||24 Aug 2007|
|Engarde Secure Linux||Unknown||24 Aug 2007||24 Aug 2007|
|F5 Networks, Inc.||Unknown||24 Aug 2007||24 Aug 2007|
CVSS Metrics (Learn More)
Thanks to the MIT Kerberos team for information that was used in this report.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2007-3999
- Date Public: 04 Sep 2007
- Date First Published: 04 Sep 2007
- Date Last Updated: 15 Nov 2007
- Severity Metric: 8.61
- Document Revision: 28
If you have feedback, comments, or additional information about this vulnerability, please send us email.