CVE-2007-5902 - Vulnerability Details - OpenCVE

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mit	Kerberos 5

Configuration 1 [-]

cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://bugs.gentoo.org/show_bug.cgi?id=199214
http://osvdb.org/44748
http://seclists.org/fulldisclosure/2007/Dec/0176.html
http://seclists.org/fulldisclosure/2007/Dec/0321.html
http://secunia.com/advisories/28636
http://secunia.com/advisories/29457
http://secunia.com/advisories/39290
http://secunia.com/advisories/39784
http://ubuntu.com/usn/usn-924-1
http://wiki.rpath.com/Advisories:rPSA-2008-0112
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
http://www.securityfocus.com/archive/1/489883/100/0/threaded
http://www.securityfocus.com/bid/26750
http://www.ubuntu.com/usn/USN-940-1
http://www.vupen.com/english/advisories/2010/1192
https://issues.rpath.com/browse/RPL-2012
https://nvd.nist.gov/vuln/detail/CVE-2007-5902
https://www.cve.org/CVERecord?id=CVE-2007-5902

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-12-06T02:00:00

Updated: 2024-08-07T15:47:00.452Z

Reserved: 2007-11-09T00:00:00

Link: CVE-2007-5902

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-12-06T02:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-5902

Redhat

Severity : Moderate

Publid Date: 2007-11-14T00:00:00Z

Links: CVE-2007-5902 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-03T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "39784", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39784"}, {"name": "USN-940-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-940-1"}, {"name": "29457", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29457"}, {"name": "SUSE-SR:2008:002", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"}, {"name": "26750", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26750"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112"}, {"name": "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112"}, {"name": "ADV-2010-1192", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1192"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=199214"}, {"name": "20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded"}, {"name": "20071208 MIT Kerberos 5: Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html"}, {"name": "39290", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39290"}, {"name": "USN-924-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://ubuntu.com/usn/usn-924-1"}, {"name": "28636", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28636"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2012"}, {"name": "44748", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/44748"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5902", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "39784", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39784"}, {"name": "USN-940-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-940-1"}, {"name": "29457", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29457"}, {"name": "SUSE-SR:2008:002", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"}, {"name": "26750", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26750"}, {"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0112", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112"}, {"name": "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112"}, {"name": "ADV-2010-1192", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1192"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=199214", "refsource": "MISC", "url": "http://bugs.gentoo.org/show_bug.cgi?id=199214"}, {"name": "20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded"}, {"name": "20071208 MIT Kerberos 5: Multiple vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html"}, {"name": "39290", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39290"}, {"name": "USN-924-1", "refsource": "UBUNTU", "url": "http://ubuntu.com/usn/usn-924-1"}, {"name": "28636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28636"}, {"name": "https://issues.rpath.com/browse/RPL-2012", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2012"}, {"name": "44748", "refsource": "OSVDB", "url": "http://osvdb.org/44748"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:47:00.452Z"}, "title": "CVE Program Container", "references": [{"name": "39784", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39784"}, {"name": "USN-940-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-940-1"}, {"name": "29457", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29457"}, {"name": "SUSE-SR:2008:002", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"}, {"name": "26750", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26750"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112"}, {"name": "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112"}, {"name": "ADV-2010-1192", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1192"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=199214"}, {"name": "20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded"}, {"name": "20071208 MIT Kerberos 5: Multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html"}, {"name": "39290", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39290"}, {"name": "USN-924-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://ubuntu.com/usn/usn-924-1"}, {"name": "28636", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28636"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2012"}, {"name": "44748", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/44748"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5902", "datePublished": "2007-12-06T02:00:00", "dateReserved": "2007-11-09T00:00:00", "dateUpdated": "2024-08-07T15:47:00.452Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*", "matchCriteriaId": "589D7E39-A243-49F9-8F67-4B9E92AE87DF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request."}, {"lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n svcauth_gss_get_principal de lib/rpc/svc_auth_gss.c en MIT Kerberos 5 (krb5) permite a atacantes remotos tener impacto desconocido mediante un valor de longitud grande para un nombre de cliente GSS en una petici\u00f3n RPC."}], "id": "CVE-2007-5902", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-06T02:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=199214"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/44748"}, {"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html"}, {"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28636"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29457"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/39290"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/39784"}, {"source": "cve@mitre.org", "url": "http://ubuntu.com/usn/usn-924-1"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112"}, {"source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26750"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-940-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/1192"}, {"source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-2012"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=199214"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/44748"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28636"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29457"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39290"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/39784"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ubuntu.com/usn/usn-924-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26750"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-940-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1192"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2012"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "This issue is not a practical vulnerability, for more information see http://marc.info/?m=119743235325151\n\n", "lastModified": "2007-12-14T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}