CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.7%
The krb5 telnet service did not appropriately verify user names. A
remote attacker could log in as the root user by requesting a specially
crafted user name. (CVE-2007-0956)
The krb5 syslog library did not correctly verify the size of log
messages. A remote attacker could send a specially crafted message and
execute arbitrary code with root privileges. (CVE-2007-0957)
The krb5 administration service was vulnerable to a double-free in the
GSS RPC library. A remote attacker could send a specially crafted
request and execute arbitrary code with root privileges. (CVE-2007-1216)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 6.10 | noarch | krb5-telnetd | < 1.4.3-9ubuntu1.2 | UNKNOWN |
Ubuntu | 6.10 | noarch | libkrb53 | < 1.4.3-9ubuntu1.2 | UNKNOWN |
Ubuntu | 6.10 | noarch | libkadm55 | < 1.4.3-9ubuntu1.2 | UNKNOWN |
Ubuntu | 6.06 | noarch | krb5-telnetd | < 1.4.3-5ubuntu0.3 | UNKNOWN |
Ubuntu | 6.06 | noarch | libkrb53 | < 1.4.3-5ubuntu0.3 | UNKNOWN |
Ubuntu | 6.06 | noarch | libkadm55 | < 1.4.3-5ubuntu0.3 | UNKNOWN |
Ubuntu | 5.10 | noarch | krb5-telnetd | < 1.3.6-4ubuntu0.2 | UNKNOWN |
Ubuntu | 5.10 | noarch | libkrb53 | < 1.3.6-4ubuntu0.2 | UNKNOWN |
Ubuntu | 5.10 | noarch | libkadm55 | < 1.3.6-4ubuntu0.2 | UNKNOWN |