Vulnerability Details : CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the uninitialized variable is used. NOTE: the vendor disputes this issue, stating "The 'length' variable is only uninitialized if 'auth_type' is neither the 'KERBEROS_V4' nor 'GSSAPI'; this condition cannot occur in the unmodified source code."
Products affected by CVE-2007-5894
- cpe:2.3:a:mit:kerberos_5:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-5894
- EPSS score: 4.02% (probability of exploitation activity in the next 30 days)
- Percentile: ~92% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2007-5894
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
Vendor statements for CVE-2007-5894
- Red Hat (2007-12-14): This issue is not a vulnerability, for more information see http://marc.info/?m=119743235325151
References for CVE-2007-5894
- http://seclists.org/fulldisclosure/2007/Dec/0321.html
  Full Disclosure: Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]
- http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
- http://www.securityfocus.com/bid/26750
- http://secunia.com/advisories/29457
  About Secunia Research | Flexera (Vendor Advisory)
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112
- http://osvdb.org/44333
- https://issues.rpath.com/browse/RPL-2012
- http://secunia.com/advisories/28636
  About Secunia Research | Flexera (Vendor Advisory)
- http://wiki.rpath.com/Advisories:rPSA-2008-0112
- http://seclists.org/fulldisclosure/2007/Dec/0176.html
  Full Disclosure: MIT Kerberos 5: Multiple vulnerabilities
- http://www.securityfocus.com/archive/1/489883/100/0/threaded
- http://bugs.gentoo.org/show_bug.cgi?id=199205
  199205 – app-crypt/mit-krb5 <1.6.3-r1 multiple issues (CVE-2007-{5901,5902, 5971, 5972, 5894})