CVE-2007-2442 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-2442 Interim 1 9 2022-10-15T18:28:31Z current 2021-05-30T12:38:49Z 2022-10-15T18:28:31Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-2442 The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2007-07/msg00000.html E-Mail link for SUSE-SA:2007:038 https://www.suse.com/support/kb/doc?id=3248163 E-Mail link for TID3248163 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed krb5-1.19.2-2.2 krb5-1.6.3-133.27.1 krb5-1.6.3-133.48.48.1 krb5-1.6.3-133.49.54.1 krb5-1.6.3-133.49.66.1 krb5-32bit-1.19.2-2.2 krb5-32bit-1.6.3-133.27.1 krb5-32bit-1.6.3-133.48.48.1 krb5-32bit-1.6.3-133.49.54.1 krb5-32bit-1.6.3-133.49.66.1 krb5-apps-clients-1.6.3-133.27.1 krb5-apps-clients-1.6.3-133.48.48.1 krb5-apps-clients-1.6.3-133.49.54.1 krb5-apps-clients-1.6.3-133.49.66.1 krb5-apps-servers-1.6.3-133.27.1 krb5-apps-servers-1.6.3-133.48.48.1 krb5-apps-servers-1.6.3-133.49.54.1 krb5-apps-servers-1.6.3-133.49.66.1 krb5-client-1.19.2-2.2 krb5-client-1.6.3-133.27.1 krb5-client-1.6.3-133.48.48.1 krb5-client-1.6.3-133.49.54.1 krb5-client-1.6.3-133.49.66.1 krb5-devel-1.19.2-2.2 krb5-devel-1.6.3-133.49.66.1 krb5-devel-32bit-1.19.2-2.2 krb5-devel-32bit-1.6.3-133.49.66.1 krb5-plugin-kdb-ldap-1.19.2-2.2 krb5-plugin-kdb-ldap-1.6.3-133.12 krb5-plugin-kdb-ldap-1.6.3-133.49.54.1 krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 krb5-plugin-preauth-otp-1.19.2-2.2 krb5-plugin-preauth-pkinit-1.19.2-2.2 krb5-plugin-preauth-pkinit-1.6.3-133.12 krb5-plugin-preauth-pkinit-1.6.3-133.49.54.1 krb5-plugin-preauth-pkinit-1.6.3-133.49.66.1 krb5-plugin-preauth-spake-1.19.2-2.2 krb5-server-1.19.2-2.2 krb5-server-1.6.3-133.27.1 krb5-server-1.6.3-133.48.48.1 krb5-server-1.6.3-133.49.54.1 krb5-server-1.6.3-133.49.66.1 krb5-x86-1.6.3-133.27.1 krb5-x86-1.6.3-133.48.48.1 krb5-x86-1.6.3-133.49.54.1 krb5-x86-1.6.3-133.49.66.1 krb5-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-32bit-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-apps-clients-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-apps-servers-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-client-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-plugin-kdb-ldap-1.6.3-133.12 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-plugin-preauth-pkinit-1.6.3-133.12 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-server-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-x86-1.6.3-133.27.1 as a component of SUSE Linux Enterprise Server 11 SP1 krb5-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-32bit-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-apps-clients-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-apps-servers-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-client-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-plugin-kdb-ldap-1.6.3-133.12 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-plugin-preauth-pkinit-1.6.3-133.12 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-server-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-x86-1.6.3-133.48.48.1 as a component of SUSE Linux Enterprise Server 11 SP2 krb5-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-32bit-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-apps-clients-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-apps-servers-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-client-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-plugin-kdb-ldap-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-plugin-preauth-pkinit-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-server-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-x86-1.6.3-133.49.54.1 as a component of SUSE Linux Enterprise Server 11 SP3 krb5-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-32bit-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-apps-clients-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-apps-servers-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-client-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-plugin-preauth-pkinit-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-server-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-x86-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Server 11 SP4 krb5-devel-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 krb5-devel-32bit-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 krb5-server-1.6.3-133.49.66.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 krb5-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-32bit-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-client-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-devel-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-devel-32bit-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-plugin-kdb-ldap-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-plugin-preauth-otp-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-plugin-preauth-pkinit-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-plugin-preauth-spake-1.19.2-2.2 as a component of openSUSE Tumbleweed krb5-server-1.19.2-2.2 as a component of openSUSE Tumbleweed The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup. CVE-2007-2442 SUSE Linux Enterprise Server 11 SP1:krb5-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP1:krb5-32bit-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP1:krb5-apps-clients-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP1:krb5-apps-servers-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP1:krb5-client-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP1:krb5-plugin-kdb-ldap-1.6.3-133.12 SUSE Linux Enterprise Server 11 SP1:krb5-plugin-preauth-pkinit-1.6.3-133.12 SUSE Linux Enterprise Server 11 SP1:krb5-server-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP1:krb5-x86-1.6.3-133.27.1 SUSE Linux Enterprise Server 11 SP2:krb5-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP2:krb5-32bit-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP2:krb5-apps-clients-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP2:krb5-apps-servers-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP2:krb5-client-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP2:krb5-plugin-kdb-ldap-1.6.3-133.12 SUSE Linux Enterprise Server 11 SP2:krb5-plugin-preauth-pkinit-1.6.3-133.12 SUSE Linux Enterprise Server 11 SP2:krb5-server-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP2:krb5-x86-1.6.3-133.48.48.1 SUSE Linux Enterprise Server 11 SP3:krb5-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-32bit-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-apps-clients-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-apps-servers-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-client-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-plugin-kdb-ldap-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-plugin-preauth-pkinit-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-server-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP3:krb5-x86-1.6.3-133.49.54.1 SUSE Linux Enterprise Server 11 SP4:krb5-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-32bit-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-apps-clients-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-apps-servers-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-client-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-plugin-preauth-pkinit-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-server-1.6.3-133.49.66.1 SUSE Linux Enterprise Server 11 SP4:krb5-x86-1.6.3-133.49.66.1 SUSE Linux Enterprise Software Development Kit 11 SP4:krb5-devel-1.6.3-133.49.66.1 SUSE Linux Enterprise Software Development Kit 11 SP4:krb5-devel-32bit-1.6.3-133.49.66.1 SUSE Linux Enterprise Software Development Kit 11 SP4:krb5-server-1.6.3-133.49.66.1 openSUSE Tumbleweed:krb5-1.19.2-2.2 openSUSE Tumbleweed:krb5-32bit-1.19.2-2.2 openSUSE Tumbleweed:krb5-client-1.19.2-2.2 openSUSE Tumbleweed:krb5-devel-1.19.2-2.2 openSUSE Tumbleweed:krb5-devel-32bit-1.19.2-2.2 openSUSE Tumbleweed:krb5-plugin-kdb-ldap-1.19.2-2.2 openSUSE Tumbleweed:krb5-plugin-preauth-otp-1.19.2-2.2 openSUSE Tumbleweed:krb5-plugin-preauth-pkinit-1.19.2-2.2 openSUSE Tumbleweed:krb5-plugin-preauth-spake-1.19.2-2.2 openSUSE Tumbleweed:krb5-server-1.19.2-2.2 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C