Upstream information

CVE-2007-2798 at MITRE

Description

Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.4
Vector AV:A/AC:M/Au:S/C:C/I:C/A:C
Access Vector Adjacent Network
Access Complexity Medium
Authentication Single
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entries: 278689 [RESOLVED / FIXED], 283681 [RESOLVED / DUPLICATE]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • krb5 >= 1.6.3-133.27.1
  • krb5-32bit >= 1.6.3-133.27.1
  • krb5-apps-clients >= 1.6.3-133.27.1
  • krb5-apps-servers >= 1.6.3-133.27.1
  • krb5-client >= 1.6.3-133.27.1
  • krb5-plugin-kdb-ldap >= 1.6.3-133.12
  • krb5-plugin-preauth-pkinit >= 1.6.3-133.12
  • krb5-server >= 1.6.3-133.27.1
  • krb5-x86 >= 1.6.3-133.27.1
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA krb5
SUSE Linux Enterprise Server 11 SP1 GA krb5-plugin-kdb-ldap
SUSE Linux Enterprise Server 11 SP2
  • krb5 >= 1.6.3-133.48.48.1
  • krb5-32bit >= 1.6.3-133.48.48.1
  • krb5-apps-clients >= 1.6.3-133.48.48.1
  • krb5-apps-servers >= 1.6.3-133.48.48.1
  • krb5-client >= 1.6.3-133.48.48.1
  • krb5-plugin-kdb-ldap >= 1.6.3-133.12
  • krb5-plugin-preauth-pkinit >= 1.6.3-133.12
  • krb5-server >= 1.6.3-133.48.48.1
  • krb5-x86 >= 1.6.3-133.48.48.1
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA krb5
SUSE Linux Enterprise Server 11 SP2 GA krb5-plugin-kdb-ldap
SUSE Linux Enterprise Server 11 SP3
  • krb5 >= 1.6.3-133.49.54.1
  • krb5-32bit >= 1.6.3-133.49.54.1
  • krb5-apps-clients >= 1.6.3-133.49.54.1
  • krb5-apps-servers >= 1.6.3-133.49.54.1
  • krb5-client >= 1.6.3-133.49.54.1
  • krb5-plugin-kdb-ldap >= 1.6.3-133.49.54.1
  • krb5-plugin-preauth-pkinit >= 1.6.3-133.49.54.1
  • krb5-server >= 1.6.3-133.49.54.1
  • krb5-x86 >= 1.6.3-133.49.54.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA krb5
SUSE Linux Enterprise Server 11 SP3 GA krb5-plugin-kdb-ldap
SUSE Linux Enterprise Server 11 SP4
  • krb5 >= 1.6.3-133.49.66.1
  • krb5-32bit >= 1.6.3-133.49.66.1
  • krb5-apps-clients >= 1.6.3-133.49.66.1
  • krb5-apps-servers >= 1.6.3-133.49.66.1
  • krb5-client >= 1.6.3-133.49.66.1
  • krb5-plugin-kdb-ldap >= 1.6.3-133.49.66.1
  • krb5-plugin-preauth-pkinit >= 1.6.3-133.49.66.1
  • krb5-server >= 1.6.3-133.49.66.1
  • krb5-x86 >= 1.6.3-133.49.66.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA krb5
SUSE Linux Enterprise Server 11 SP4 GA krb5-plugin-kdb-ldap
SUSE Linux Enterprise Software Development Kit 11 SP4
  • krb5-devel >= 1.6.3-133.49.66.1
  • krb5-devel-32bit >= 1.6.3-133.49.66.1
  • krb5-server >= 1.6.3-133.49.66.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA krb5-devel
SUSE LINUX 10.0
  • krb5 >= 1.4.1-5.7
  • krb5-32bit >= 1.4.1-5.7
  • krb5-64bit >= 1.4.1-5.7
  • krb5-devel >= 1.4.1-5.7
  • krb5-devel-32bit >= 1.4.1-5.7
  • krb5-devel-64bit >= 1.4.1-5.7
  • krb5-server >= 1.4.1-5.7
SUSE LINUX 10.1
  • krb5 >= 1.4.3-19.22
  • krb5-32bit >= 1.4.3-19.22
  • krb5-64bit >= 1.4.3-19.22
  • krb5-devel >= 1.4.3-19.22
  • krb5-devel-32bit >= 1.4.3-19.22
  • krb5-devel-64bit >= 1.4.3-19.22
  • krb5-server >= 1.4.3-19.22