VYPR
Unrated severityNVD Advisory· Published Jun 26, 2007· Updated Jun 16, 2026

CVE-2007-2443

CVE-2007-2443

Description

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Mit/Kerberos 52 versions
    cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*range: <=1.6.1
    • (no CPE)range: <1.6.1
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

49

News mentions

0

No linked articles in our index yet.