VulnerableCode Package Details - pkg:deb/debian/librpcsecgss@0.14-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-2mjy-dvqd-aaae Aliases: CVE-2007-4743	The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.	0.18-1 Affected by 0 other vulnerabilities.
VCID-575x-bmgn-aaap Aliases: CVE-2007-3999	Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.	0.18-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2mjy-dvqd-aaae
Aliases:
CVE-2007-4743

The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.

0.18-1
Affected by 0 other vulnerabilities.

VCID-575x-bmgn-aaap
Aliases:
CVE-2007-3999

Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.

0.18-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T17:13:10.794100+00:00	Debian Oval Importer	Affected by	VCID-2mjy-dvqd-aaae	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T15:21:53.015630+00:00	Debian Oval Importer	Affected by	VCID-575x-bmgn-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-20T23:45:42.466322+00:00	Debian Oval Importer	Affected by	VCID-2mjy-dvqd-aaae	None	36.1.3
2025-06-20T22:13:19.966810+00:00	Debian Oval Importer	Affected by	VCID-575x-bmgn-aaap	None	36.1.3
2025-06-08T09:54:44.970852+00:00	Debian Oval Importer	Affected by	VCID-2mjy-dvqd-aaae	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T08:16:10.225792+00:00	Debian Oval Importer	Affected by	VCID-575x-bmgn-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T17:08:35.151856+00:00	Debian Oval Importer	Affected by	VCID-2mjy-dvqd-aaae	None	36.1.0
2025-06-07T15:37:21.309399+00:00	Debian Oval Importer	Affected by	VCID-575x-bmgn-aaap	None	36.1.0
2025-04-08T08:26:58.923081+00:00	Debian Oval Importer	Affected by	VCID-2mjy-dvqd-aaae	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T06:47:44.796521+00:00	Debian Oval Importer	Affected by	VCID-575x-bmgn-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T15:42:08.321287+00:00	Debian Oval Importer	Affected by	VCID-2mjy-dvqd-aaae	None	36.0.0
2025-04-07T14:08:18.602853+00:00	Debian Oval Importer	Affected by	VCID-575x-bmgn-aaap	None	36.0.0