CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-5902

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0760%
EPSS Percentile7.97th
Published2007年12月6日
Last Modified2026年4月23日

Vulnerability Description

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

Affected Platforms (CPE)

📦
Mit

Kerberos 5

All versions

References & Advisories

🔗 http://bugs.gentoo.org/show_bug.cgi?id=199214
🔗 http://osvdb.org/44748
🔗 http://seclists.org/fulldisclosure/2007/Dec/0176.html
🔗 http://seclists.org/fulldisclosure/2007/Dec/0321.html
🔗 http://secunia.com/advisories/28636
🔗 http://secunia.com/advisories/29457
🔗 http://secunia.com/advisories/39290
🔗 http://secunia.com/advisories/39784

相关漏洞威胁

CVE-2000-039110.0

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

CVE-2000-039010.0

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

CVE-2000-038910.0

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

CVE-2000-051410.0

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cau...