CVE-2007-2443
CVE-2007-2443
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.aschttp://docs.info.apple.com/article.html?artnum=306172http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlhttp://osvdb.org/36597http://secunia.com/advisories/25800http://secunia.com/advisories/25801http://secunia.com/advisories/25814http://secunia.com/advisories/25821http://secunia.com/advisories/25870http://secunia.com/advisories/25888