cbcvebase.
CVE-2007-4743
published 2007-09-06

CVE-2007-4743: The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos…

PriorityP341critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
4.61%
90.5th percentile
The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

Affected

17 ranges
VendorProductVersion rangeFixed in
debiankrb5< krb5 1.6.dfsg.1-7 (bookworm)krb5 1.6.dfsg.1-7 (bookworm)
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkerberos_5
mitkrb5>= 0 < 1.6.dfsg.1-71.6.dfsg.1-7
mitkrb5>= 0 < 1.6.dfsg.1-71.6.dfsg.1-7
mitkrb5>= 0 < 1.6.dfsg.1-71.6.dfsg.1-7
mitkrb5>= 0 < 1.6.dfsg.1-71.6.dfsg.1-7

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0HIGH
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.