CVE-2007-4000 in MIT and Fedora Project Products
Published on September 5, 2007

The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2007-4000

stack.watch emails you whenever new vulnerabilities are published in MIT Kerberos 5 or Fedora Project Fedora. Just hit a watch button to start following.

MIT Kerberos 5

Fedora Project Fedora

Exploit Probability

EPSS

29.35%

Percentile

96.51%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2007-4000 in MIT and Fedora Project ProductsPublished on September 5, 2007

Products Associated with CVE-2007-4000

Exploit Probability

CVE-2007-4000 in MIT and Fedora Project Products
Published on September 5, 2007