Table of Contents

Public Date:
281561: CVE-2007-4743 krb5 incomplete fix for CVE-2007-3999

The MITRE CVE dictionary describes this issue as:

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

Find out more about CVE-2007-4743 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (krb5) RHSA-2007:0892 2007-09-07
Last Modified

CVE description copyright © 2017, The MITRE Corporation