CVE-2007-0957 in Kerberosinfo

Summary

Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/14/2007

Disclosure

04/05/2007

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
36017	MIT Kerberos Key Distribution Center krb5_klog_syslog stack-based overflow	121	Proof-of-Concept	Official fix	CVE-2007-0957

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!