Red Hat Customer Portal

Skip to main content

CVE-2007-0956

Impact:
Critical
Public Date:
2007-04-03
Bugzilla:
229782: CVE-2007-0956 Unauthorized access via krb5-telnet daemon

The MITRE CVE dictionary describes this issue as:

The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.

Find out more about CVE-2007-0956 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (krb5) RHSA-2007:0095 2007-04-03
Red Hat Enterprise Linux 2.1 (krb5) RHSA-2007:0095 2007-04-03
Red Hat Enterprise Linux 4 (krb5) RHSA-2007:0095 2007-04-03
Red Hat Enterprise Linux 5 (krb5) RHSA-2007:0095 2007-04-03

Acknowledgements

Red Hat would like to thank MIT for reporting this issue.