CVE-2007-3999

Name of the Vulnerable Software and Affected Versions: MIT Kerberos 5 versions 1.4 through 1.6.2 nfs-utils-lib versions 1.0.6 nfs-utils-lib-devel versions 1.0.6 mit-krb5 versions prior to 1.5.3-r1

Description: The issue is related to a stack-based buffer overflow in the svcauth gss validate function in lib/rpc/svc auth gss.c in the RPCSEC GSS RPC library, which can be exploited remotely. This can lead to a denial of service (daemon crash) and potentially allow the execution of arbitrary code via a long string in an RPC message. The vulnerability can be exploited to disrupt the confidentiality, integrity, and availability of protected information.

Recommendations: For MIT Kerberos 5 versions 1.4 through 1.6.2, update to a version later than 1.6.2. For nfs-utils-lib versions 1.0.6, consider disabling the vulnerable component until a patch is available. For nfs-utils-lib-devel versions 1.0.6, restrict access to the vulnerable module to minimize the risk of exploitation. For mit-krb5 versions prior to 1.5.3-r1, update to version 1.5.3-r1 or later.