CVE-2007-0957

N/A Unknown
Published: April 06, 2007 Modified: April 23, 2026

Description

Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.

References to Advisories, Solutions, and Tools

http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://secunia.com/advisories/24706
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24735
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24736
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24740
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24750
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24757
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24785
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24786
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24798
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24817
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/24966
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/25464
Source: cve@mitre.org
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200704-02.xml
Source: cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2007/dsa-1276
Source: cve@mitre.org
Third Party Advisory
http://www.kb.cert.org/vuls/id/704024
Source: cve@mitre.org
Third Party Advisory US Government Resource
http://www.redhat.com/support/errata/RHSA-2007-0095.html
Source: cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/archive/1/464592/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/464666/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/464814/30/7170/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/23285
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1017849
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-449-1
Source: cve@mitre.org
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-093B.html
Source: cve@mitre.org
Third Party Advisory US Government Resource
http://www.us-cert.gov/cas/techalerts/TA07-109A.html
Source: cve@mitre.org
Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/1218
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1250
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1470
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1983
Source: cve@mitre.org
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33411
Source: cve@mitre.org
Third Party Advisory VDB Entry
ftp://patches.sgi.com/support/free/security/advisories/20070401-01-P.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://docs.info.apple.com/article.html?artnum=305391
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/24706
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24735
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24736
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24740
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24750
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24757
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24785
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24786
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24798
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24817
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/24966
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25464
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200704-02.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102930-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-002-syslog.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2007/dsa-1276
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.kb.cert.org/vuls/id/704024
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:077
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0095.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/464592/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/464666/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/464814/30/7170/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/23285
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1017849
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-449-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-093B.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.us-cert.gov/cas/techalerts/TA07-109A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/1218
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1250
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1470
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1983
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33411
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10757
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory

74 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
26.1%
96th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

debian canonical mit