Skip to navigation

CVE Database

CVE-2007-2443

Impact: Important
Public: 2007-06-26
Bugzilla: 245548: CVE-2007-2443 krb5 RPC library stack overflow

Details

The MITRE CVE dictionary describes this issue as:

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

Find out more about CVE-2007-2443 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (krb5) RHSA-2007:0384 June 26, 2007
Red Hat Enterprise Linux version 3 (krb5) RHSA-2007:0384 June 26, 2007
Red Hat Enterprise Linux version 4 (krb5) RHSA-2007:0562 June 26, 2007
Red Hat Enterprise Linux version 5 (krb5) RHSA-2007:0562 June 26, 2007

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.