JVN/CVE Demo: Cveinfos

CVE

Id: 24313
CVE No.: CVE-2007-0956
Status: Candidate
Description: The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a "-" character, a similar issue to CVE-2007-0882.
Phase: Assigned (20070214)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
238665	24313	CVE-2007-0956	BUGTRAQ:20070403 MITKRB5-SA-2007-001: telnetd allows login as arbitrary user [CVE-2007-0956]	View
238666	24313	CVE-2007-0956	URL:http://www.securityfocus.com/archive/1/archive/1/464590/100/0/threaded	View
238667	24313	CVE-2007-0956	BUGTRAQ:20070404 rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation	View
238668	24313	CVE-2007-0956	URL:http://www.securityfocus.com/archive/1/archive/1/464666/100/0/threaded	View
238669	24313	CVE-2007-0956	BUGTRAQ:20070405 FLEA-2007-0008-1: krb5	View
238670	24313	CVE-2007-0956	URL:http://www.securityfocus.com/archive/1/archive/1/464814/30/7170/threaded	View
238671	24313	CVE-2007-0956	CONFIRM:http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-001-telnetd.txt	View
238672	24313	CVE-2007-0956	DEBIAN:DSA-1276	View
238673	24313	CVE-2007-0956	URL:http://www.debian.org/security/2007/dsa-1276	View
238674	24313	CVE-2007-0956	GENTOO:GLSA-200704-02	View
238675	24313	CVE-2007-0956	URL:http://security.gentoo.org/glsa/glsa-200704-02.xml	View
238676	24313	CVE-2007-0956	MANDRIVA:MDKSA-2007:077	View
238677	24313	CVE-2007-0956	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:077	View
238678	24313	CVE-2007-0956	REDHAT:RHSA-2007:0095	View
238679	24313	CVE-2007-0956	URL:http://www.redhat.com/support/errata/RHSA-2007-0095.html	View
238680	24313	CVE-2007-0956	SGI:20070401-01-P	View
238681	24313	CVE-2007-0956	URL:ftp://patches.sgi.com/support/free/security/advisories/20070401-01-P.asc	View
238682	24313	CVE-2007-0956	SUNALERT:102867	View
238683	24313	CVE-2007-0956	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102867-1	View
238684	24313	CVE-2007-0956	SUSE:SUSE-SA:2007:025	View
238685	24313	CVE-2007-0956	URL:http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html	View
238686	24313	CVE-2007-0956	UBUNTU:USN-449-1	View
238687	24313	CVE-2007-0956	URL:http://www.ubuntu.com/usn/usn-449-1	View
238688	24313	CVE-2007-0956	CERT:TA07-093B	View
238689	24313	CVE-2007-0956	URL:http://www.us-cert.gov/cas/techalerts/TA07-093B.html	View
238690	24313	CVE-2007-0956	CERT-VN:VU#220816	View
238691	24313	CVE-2007-0956	URL:http://www.kb.cert.org/vuls/id/220816	View
238692	24313	CVE-2007-0956	BID:23281	View
238693	24313	CVE-2007-0956	URL:http://www.securityfocus.com/bid/23281	View
238694	24313	CVE-2007-0956	OVAL:oval:org.mitre.oval:def:10046	View
238695	24313	CVE-2007-0956	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10046	View
238696	24313	CVE-2007-0956	VUPEN:ADV-2007-1249	View
238697	24313	CVE-2007-0956	URL:http://www.vupen.com/english/advisories/2007/1249	View
238698	24313	CVE-2007-0956	VUPEN:ADV-2007-1218	View
238699	24313	CVE-2007-0956	URL:http://www.vupen.com/english/advisories/2007/1218	View
238700	24313	CVE-2007-0956	SECTRACK:1017848	View
238701	24313	CVE-2007-0956	URL:http://www.securitytracker.com/id?1017848	View
238702	24313	CVE-2007-0956	SECUNIA:24706	View
238703	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24706	View
238704	24313	CVE-2007-0956	SECUNIA:24736	View
238705	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24736	View
238706	24313	CVE-2007-0956	SECUNIA:24757	View
238707	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24757	View
238708	24313	CVE-2007-0956	SECUNIA:24740	View
238709	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24740	View
238710	24313	CVE-2007-0956	SECUNIA:24750	View
238711	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24750	View
238712	24313	CVE-2007-0956	SECUNIA:24755	View
238713	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24755	View
238714	24313	CVE-2007-0956	SECUNIA:24785	View
238715	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24785	View
238716	24313	CVE-2007-0956	SECUNIA:24786	View
238717	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24786	View
238718	24313	CVE-2007-0956	SECUNIA:24817	View
238719	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24817	View
238720	24313	CVE-2007-0956	SECUNIA:24735	View
238721	24313	CVE-2007-0956	URL:http://secunia.com/advisories/24735	View
238722	24313	CVE-2007-0956	XF:kerberos-telnet-security-bypass(33414)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
51545	JVNDB-2007-000207	Linux Kernel の PT_INTERP によるバイナリファイルを読み取り可能な脆弱性	Linux Kernel には、インタプリタ (PT_INTERP) を介して読み取り権限のないバイナリからコアダンプを生成し、バイナリを読み取り可能な脆弱性が存在します。	CVE-2007-0958	24313	2.1		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000207.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.32 MB
View render complete	2.82 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.13
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	407.36
Event: Controller.beforeRender	5.29
» Processing toolbar data	5.19
Rendering View	17.42
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	16.40
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.57
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/24313
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/24313
Remote Port	26356
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.25
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.18.214
Http Via	1.1 squid-proxy-5b5d847c96-fzrpz (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.25
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.25
Unique Id	aH7uBuDIPB5TQ7Pa3mhqiQAAAO4
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.25
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.25
Redirect Unique Id	aH7uBuDIPB5TQ7Pa3mhqiQAAAO4
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.25
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.25
Redirect Redirect Unique Id	aH7uBuDIPB5TQ7Pa3mhqiQAAAO4
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1753148934.0059
Request Time	1753148934

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files