New Search

Security Vulnerability in the Kerberos Administration Daemon (kadmind(1M)) May Lead to Arbitrary Code Execution

oval:org.mitre.oval:def:1726

Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3 1.6.1 and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 9
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2007-2798
Product(s):