MitreCVELIST:CVE-2007-4000CVE-2007-4000
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the βmodify policyβ privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
References
secunia.com/advisories/26676
secunia.com/advisories/26680
secunia.com/advisories/26700
secunia.com/advisories/26728
secunia.com/advisories/26783
secunia.com/advisories/26987
securityreason.com/securityalert/3092
web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt
www.gentoo.org/security/en/glsa/glsa-200709-01.xml
www.kb.cert.org/vuls/id/377544
www.mandriva.com/security/advisories?name=MDKSA-2007:174
www.novell.com/linux/security/advisories/2007_19_sr.html
www.redhat.com/support/errata/RHSA-2007-0858.html
www.securityfocus.com/archive/1/478794/100/0/threaded
www.securityfocus.com/bid/25533
www.securitytracker.com/id?1018647
www.vupen.com/english/advisories/2007/3051
bugzilla.redhat.com/show_bug.cgi?id=250976
exchange.xforce.ibmcloud.com/vulnerabilities/36438
issues.rpath.com/browse/RPL-1696
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278
www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html
Related
