JVN/CVE Demo: Cveinfos

CVE

Id: 24314
CVE No.: CVE-2007-0957
Status: Candidate
Description: Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.
Phase: Assigned (20070214)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
238723	24314	CVE-2007-0957	BUGTRAQ:20070404 rPSA-2007-0063-1 krb5 krb5-server krb5-services krb5-test krb5-workstation	View
238724	24314	CVE-2007-0957	URL:http://www.securityfocus.com/archive/1/archive/1/464666/100/0/threaded	View
238725	24314	CVE-2007-0957	BUGTRAQ:20070403 MITKRB5-SA-2007-002: KDC, kadmind stack overflow in krb5_klog_syslog [CVE-2007-0957]	View
238726	24314	CVE-2007-0957	URL:http://www.securityfocus.com/archive/1/archive/1/464592/100/0/threaded	View
238727	24314	CVE-2007-0957	BUGTRAQ:20070405 FLEA-2007-0008-1: krb5	View
238728	24314	CVE-2007-0957	URL:http://www.securityfocus.com/archive/1/archive/1/464814/30/7170/threaded	View
238729	24314	CVE-2007-0957	CONFIRM:http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-002-syslog.txt	View
238730	24314	CVE-2007-0957	CONFIRM:http://docs.info.apple.com/article.html?artnum=305391	View
238731	24314	CVE-2007-0957	APPLE:APPLE-SA-2007-04-19	View
238732	24314	CVE-2007-0957	URL:http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html	View
238733	24314	CVE-2007-0957	DEBIAN:DSA-1276	View
238734	24314	CVE-2007-0957	URL:http://www.debian.org/security/2007/dsa-1276	View
238735	24314	CVE-2007-0957	GENTOO:GLSA-200704-02	View
238736	24314	CVE-2007-0957	URL:http://security.gentoo.org/glsa/glsa-200704-02.xml	View
238737	24314	CVE-2007-0957	MANDRIVA:MDKSA-2007:077	View
238738	24314	CVE-2007-0957	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:077	View
238739	24314	CVE-2007-0957	REDHAT:RHSA-2007:0095	View
238740	24314	CVE-2007-0957	URL:http://www.redhat.com/support/errata/RHSA-2007-0095.html	View
238741	24314	CVE-2007-0957	SGI:20070401-01-P	View
238742	24314	CVE-2007-0957	URL:ftp://patches.sgi.com/support/free/security/advisories/20070401-01-P.asc	View
238743	24314	CVE-2007-0957	SUNALERT:102930	View
238744	24314	CVE-2007-0957	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102930-1	View
238745	24314	CVE-2007-0957	SUSE:SUSE-SA:2007:025	View
238746	24314	CVE-2007-0957	URL:http://lists.suse.com/archive/suse-security-announce/2007-Apr/0001.html	View
238747	24314	CVE-2007-0957	UBUNTU:USN-449-1	View
238748	24314	CVE-2007-0957	URL:http://www.ubuntu.com/usn/usn-449-1	View
238749	24314	CVE-2007-0957	CERT:TA07-093B	View
238750	24314	CVE-2007-0957	URL:http://www.us-cert.gov/cas/techalerts/TA07-093B.html	View
238751	24314	CVE-2007-0957	CERT:TA07-109A	View
238752	24314	CVE-2007-0957	URL:http://www.us-cert.gov/cas/techalerts/TA07-109A.html	View
238753	24314	CVE-2007-0957	CERT-VN:VU#704024	View
238754	24314	CVE-2007-0957	URL:http://www.kb.cert.org/vuls/id/704024	View
238755	24314	CVE-2007-0957	BID:23285	View
238756	24314	CVE-2007-0957	URL:http://www.securityfocus.com/bid/23285	View
238757	24314	CVE-2007-0957	OVAL:oval:org.mitre.oval:def:10757	View
238758	24314	CVE-2007-0957	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10757	View
238759	24314	CVE-2007-0957	VUPEN:ADV-2007-1250	View
238760	24314	CVE-2007-0957	URL:http://www.vupen.com/english/advisories/2007/1250	View
238761	24314	CVE-2007-0957	VUPEN:ADV-2007-1218	View
238762	24314	CVE-2007-0957	URL:http://www.vupen.com/english/advisories/2007/1218	View
238763	24314	CVE-2007-0957	VUPEN:ADV-2007-1470	View
238764	24314	CVE-2007-0957	URL:http://www.vupen.com/english/advisories/2007/1470	View
238765	24314	CVE-2007-0957	VUPEN:ADV-2007-1983	View
238766	24314	CVE-2007-0957	URL:http://www.vupen.com/english/advisories/2007/1983	View
238767	24314	CVE-2007-0957	SECTRACK:1017849	View
238768	24314	CVE-2007-0957	URL:http://www.securitytracker.com/id?1017849	View
238769	24314	CVE-2007-0957	SECUNIA:24706	View
238770	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24706	View
238771	24314	CVE-2007-0957	SECUNIA:24736	View
238772	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24736	View
238773	24314	CVE-2007-0957	SECUNIA:24757	View
238774	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24757	View
238775	24314	CVE-2007-0957	SECUNIA:24740	View
238776	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24740	View
238777	24314	CVE-2007-0957	SECUNIA:24750	View
238778	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24750	View
238779	24314	CVE-2007-0957	SECUNIA:24785	View
238780	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24785	View
238781	24314	CVE-2007-0957	SECUNIA:24786	View
238782	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24786	View
238783	24314	CVE-2007-0957	SECUNIA:24798	View
238784	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24798	View
238785	24314	CVE-2007-0957	SECUNIA:24817	View
238786	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24817	View
238787	24314	CVE-2007-0957	SECUNIA:24735	View
238788	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24735	View
238789	24314	CVE-2007-0957	SECUNIA:24966	View
238790	24314	CVE-2007-0957	URL:http://secunia.com/advisories/24966	View
238791	24314	CVE-2007-0957	SECUNIA:25464	View
238792	24314	CVE-2007-0957	URL:http://secunia.com/advisories/25464	View
238793	24314	CVE-2007-0957	XF:kerberos-krb5klogsyslog-bo(33411)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
51496	JVNDB-2007-000158	Cisco PIX/ASA の不正な TCP パケット処理によるサービス運用妨害 (DoS) の脆弱性	Cisco PIX 500 シリーズおよび Cisco ASA 5500 シリーズセキュリティアプライアンスには、"inspect ftp" あるいは "inspect http" などの特定の TCP ベースプロトコルの検査機能が有効な場合、不正な TCP パケットを処理することでデバイスが再起動を引き起こす脆弱性が存在します。	CVE-2007-0959	24314	7.8		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000158.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.37 MB
View render complete	2.89 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.29
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	409.89
Event: Controller.beforeRender	5.62
» Processing toolbar data	5.53
Rendering View	20.95
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	19.56
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.82
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.14
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/24314
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/24314
Remote Port	47447
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.66
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.85.41
Http Via	1.1 squid-proxy-5b5d847c96-hm7vw (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.66
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.66
Unique Id	aHjnuXVPxJ9gmbIMGqcsswAAARA
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.66
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.66
Redirect Unique Id	aHjnuXVPxJ9gmbIMGqcsswAAARA
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.66
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.66
Redirect Redirect Unique Id	aHjnuXVPxJ9gmbIMGqcsswAAARA
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752754105.0289
Request Time	1752754105

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files