PT-2007-1108 · Mit+1 · Mit Kerberos 5+1

Published: 2007-09-04 · Updated: 2024-06-15 · CVE-2007-4000

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: mit-krb5 versions prior to 1.5.3; mit-krb5 versions 1.5 through 1.6.2
Description: The issue affects the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5). It lies in the kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c, which does not properly check return values when the policy does not exist. This might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer. Exploitation of this vulnerability can lead to a violation of the confidentiality, integrity, and availability of protected information and can be performed remotely.
Recommendations: For mit-krb5 versions prior to 1.5.3, update to version 1.5.3 or later. For mit-krb5 versions 1.5 through 1.6.2, update to a version later than 1.6.2. As a temporary workaround, consider restricting access to the kadm5_modify_policy_internal function in the Kerberos administration daemon until a patch is available.

Fix

Buffer Overflow

Access of Uninitialized Pointer

Weakness Enumeration

Related Identifiers

BDU:2015-09590
CVE-2007-4000
OPENSUSE-SU-2024:10899-1
RHSA-2007:0858
RHSA-2007_0858

Affected Products

Mit Kerberos 5
Red Hat