Unrated severity · NVD Advisory · Published Apr 6, 2007 · Updated Apr 23, 2026
CVE-2007-0957
Description
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.
Affected products (6)
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Patches
No patches discovered yet.
References (37)
- web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-002-syslog.txt (nvd: Patch, Vendor Advisory)
- lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html (nvd: Mailing List, Third Party Advisory)
- secunia.com/advisories/24706 (nvd: Third Party Advisory)
- secunia.com/advisories/24735 (nvd: Third Party Advisory)
- secunia.com/advisories/24736 (nvd: Third Party Advisory)
- secunia.com/advisories/24740 (nvd: Third Party Advisory)
- secunia.com/advisories/24750 (nvd: Third Party Advisory)
- secunia.com/advisories/24757 (nvd: Third Party Advisory)
- secunia.com/advisories/24785 (nvd: Third Party Advisory)
- secunia.com/advisories/24786 (nvd: Third Party Advisory)
- secunia.com/advisories/24798 (nvd: Third Party Advisory)
- secunia.com/advisories/24817 (nvd: Third Party Advisory)
- secunia.com/advisories/24966 (nvd: Third Party Advisory)
- secunia.com/advisories/25464 (nvd: Third Party Advisory)
- security.gentoo.org/glsa/glsa-200704-02.xml (nvd: Third Party Advisory)
- www.debian.org/security/2007/dsa-1276 (nvd: Third Party Advisory)
- www.kb.cert.org/vuls/id/704024 (nvd: Third Party Advisory, US Government Resource)
- www.mandriva.com/security/advisories (nvd: Third Party Advisory)
- www.redhat.com/support/errata/RHSA-2007-0095.html (nvd: Third Party Advisory)
- www.securityfocus.com/archive/1/464592/100/0/threaded (nvd: Third Party Advisory, VDB Entry)
- www.securityfocus.com/archive/1/464666/100/0/threaded (nvd: Third Party Advisory, VDB Entry)
- www.securityfocus.com/archive/1/464814/30/7170/threaded (nvd: Third Party Advisory, VDB Entry)
- www.securityfocus.com/bid/23285 (nvd: Third Party Advisory, VDB Entry)
- www.securitytracker.com/id (nvd: Third Party Advisory, VDB Entry)
- www.ubuntu.com/usn/usn-449-1 (nvd: Third Party Advisory)
- www.us-cert.gov/cas/techalerts/TA07-093B.html (nvd: Third Party Advisory, US Government Resource)
- www.us-cert.gov/cas/techalerts/TA07-109A.html (nvd: Third Party Advisory, US Government Resource)
- www.vupen.com/english/advisories/2007/1218 (nvd: Third Party Advisory)
- www.vupen.com/english/advisories/2007/1250 (nvd: Third Party Advisory)
- www.vupen.com/english/advisories/2007/1470 (nvd: Third Party Advisory)
- www.vupen.com/english/advisories/2007/1983 (nvd: Third Party Advisory)
- exchange.xforce.ibmcloud.com/vulnerabilities/33411 (nvd: Third Party Advisory, VDB Entry)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10757 (nvd: Broken Link, Third Party Advisory)
- patches.sgi.com/support/free/security/advisories/20070401-01-P.asc (nvd: Broken Link)
- docs.info.apple.com/article.html (nvd: Broken Link)
- lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html (nvd: Broken Link)
- sunsolve.sun.com/search/document.do (nvd: Broken Link)