DEBIAN-CVE-2007-0957

DEBIAN-CVE-2007-0957 PUBLISHED CVSS 8.600000381469727 HIGH

Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.

Risk Scores

CVSS v4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Debian:14	krb5	0, 0, 0
Debian:12	krb5	0, 0, 0
Debian:13	krb5	0, 0, 0
Debian:11	krb5	0, 0, 0

Timeline

Apr 6, 2007 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2007-0957 advisory

Open in Interactive Console →