CVE-2007-4000

Vulnerability Description

The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://secunia.com/advisories/26676Broken Link
• http://secunia.com/advisories/26680Broken Link
• http://secunia.com/advisories/26700Broken Link
• http://secunia.com/advisories/26728Broken Link
• http://secunia.com/advisories/26783Broken Link
• http://secunia.com/advisories/26987Broken Link
• http://securityreason.com/securityalert/3092Broken Link
• http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txtVendor Advisory
• http://www.gentoo.org/security/en/glsa/glsa-200709-01.xmlThird Party Advisory
• http://www.kb.cert.org/vuls/id/377544Third Party AdvisoryUS Government Resource
• http://www.mandriva.com/security/advisories?name=MDKSA-2007:174Broken Link
• http://www.novell.com/linux/security/advisories/2007_19_sr.htmlBroken Link
• http://www.redhat.com/support/errata/RHSA-2007-0858.htmlThird Party Advisory
• http://www.securityfocus.com/archive/1/478794/100/0/threadedThird Party AdvisoryVDB Entry
• http://www.securityfocus.com/bid/25533Broken LinkThird Party AdvisoryVDB Entry