Signature Detail
Short Name |
RPC:KADMIND-KLOG |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
RPC |
Keywords |
MIT Kerberos V5 KAdminD klog_vsyslog Server Stack Buffer Overflow |
Release Date |
2010/10/06 |
Update Number |
1786 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
RPC: MIT Kerberos V5 KAdminD klog_vsyslog Server Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability against MIT Kerberos KAdminD. A successful attack can lead to arbitrary code execution.
Extended Description
Kerberos 5 kadmind (Kerberos Administration Daemon) server is prone to a stack-based buffer-overflow vulnerability because the software fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code with administrative privileges. A successful attack can result in the complete compromise of the application. Failed attempts will likely result in denial-of-service conditions. All kadmind servers run on the master Kerberos server. Since the master server holds the KDC principal and policy database, an attack may not only compromise the affected computer, but could also compromise multiple hosts that use the server for authentication. Kerberos 5 kadmind 1.6 and prior versions are vulnerable.
Affected Products
- Apple Mac OS X 10.3.9
- Apple Mac OS X 10.4.9
- Apple Mac OS X Server 10.3.9
- Apple Mac OS X Server 10.4.9
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- Debian Linux 4.0
- Debian Linux 4.0 Alpha
- Debian Linux 4.0 Amd64
- Debian Linux 4.0 Arm
- Debian Linux 4.0 Hppa
- Debian Linux 4.0 Ia-32
- Debian Linux 4.0 Ia-64
- Debian Linux 4.0 M68k
- Debian Linux 4.0 Mips
- Debian Linux 4.0 Mipsel
- Debian Linux 4.0 Powerpc
- Debian Linux 4.0 S/390
- Debian Linux 4.0 Sparc
- Gentoo Linux
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- Mandriva Linux Mandrake 2007.0
- Mandriva Linux Mandrake 2007.0 X86 64
- Mandriva Linux Mandrake 2007.1
- Mandriva Linux Mandrake 2007.1 X86 64
- Mandriva Multi Network Firewall 2.0.0
- MIT Kerberos 5 1.0.0
- MIT Kerberos 5 1.0.6
- MIT Kerberos 5 1.0.8
- MIT Kerberos 5 1.1.0
- MIT Kerberos 5 1.1.1
- MIT Kerberos 5 1.2.0
- MIT Kerberos 5 1.2.1
- MIT Kerberos 5 1.2.2
- MIT Kerberos 5 1.2.2 -Beta1
- MIT Kerberos 5 1.2.3
- MIT Kerberos 5 1.2.4
- MIT Kerberos 5 1.2.5
- MIT Kerberos 5 1.2.6
- MIT Kerberos 5 1.2.7
- MIT Kerberos 5 1.2.8
- MIT Kerberos 5 1.3.0
- MIT Kerberos 5 1.3.0 -Alpha1
- MIT Kerberos 5 1.3.1
- MIT Kerberos 5 1.3.2
- MIT Kerberos 5 1.3.3
- MIT Kerberos 5 1.3.4
- MIT Kerberos 5 1.3.5
- MIT Kerberos 5 1.3.6
- MIT Kerberos 5 1.4.0
- MIT Kerberos 5 1.4.1
- MIT Kerberos 5 1.4.2
- MIT Kerberos 5 1.4.3
- MIT Kerberos 5 1.5.0
- MIT Kerberos 5 1.5.1
- MIT Kerberos 5 1.6.0
- MIT Kerberos 5 5.0.0 -1.0.X
- MIT Kerberos 5 5.0.0 -1.1
- MIT Kerberos 5 5.0.0 -1.1.1
- MIT Kerberos 5 5.0.0 -1.2Beta1
- MIT Kerberos 5 5.0.0 -1.2Beta2
- MIT Kerberos 5 5.0.0 -1.3.3
- MIT Kerberos 5 5.0.0 -1.3.4
- MIT Kerberos 5 5.0.0 -1.3.5
- MIT Kerberos 5 5.0.0 -1.3.6
- MIT Kerberos 5 5.0.0 -1.4
- MIT Kerberos 5 5.0.0 -1.4.1
- Novell KDC (Key Distribution Center) 1.0
- Pardus Linux 2007.1
- Red Hat Desktop 3.0.0
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- Red Hat Linux Advanced Work Station 2.1.0
- rPath rPath Linux 1
- SGI ProPack 3.0.0 SP6
- Sun Solaris 10 X86
- Sun Solaris 8 Sparc
- Sun Solaris 8 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- SuSE Linux 10.0 Ppc
- SuSE Linux 10.0 X86
- SuSE Linux 10.0 X86-64
- SuSE Linux 10.1 Ppc
- SuSE Linux 10.1 X86
- SuSE Linux 10.1 X86-64
- SuSE Linux 9.3 X86
- SuSE Linux 9.3 X86-64
- SuSE openSUSE 10.2
- SuSE SUSE Linux Enterprise Desktop 10
- SuSE SUSE Linux Enterprise Server 10
- Trustix Operating System Enterprise Server 2.0
- Trustix Secure Linux 2.2.0
- Trustix Secure Linux 3.0.0
- Trustix Secure Linux 3.0.5
- Turbolinux Appliance Server 2.0
- Turbolinux Home
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 10 F...
- Turbolinux Turbolinux Desktop 10.0.0
- Turbolinux Turbolinux Server 10.0.0
- Turbolinux Turbolinux Server 10.0.0 X64
- Turbolinux Turbolinux Server 8.0.0
- Ubuntu Ubuntu Linux 5.10.0 Amd64
- Ubuntu Ubuntu Linux 5.10.0 I386
- Ubuntu Ubuntu Linux 5.10.0 Powerpc
- Ubuntu Ubuntu Linux 5.10.0 Sparc
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
- Ubuntu Ubuntu Linux 6.10 Amd64
- Ubuntu Ubuntu Linux 6.10 I386
- Ubuntu Ubuntu Linux 6.10 Powerpc
- Ubuntu Ubuntu Linux 6.10 Sparc
References
- BugTraq: 23285
- CVE: CVE-2007-0957