VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
rhas	Important	https://access.redhat.com/errata/RHSA-2007:0858
rhas	Important	https://access.redhat.com/errata/RHSA-2007:0913
rhas	Important	https://access.redhat.com/errata/RHSA-2007:0951
epss	0.19778	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.29941	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.29941	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.29941	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.29941	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.29941	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.29941	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.32947	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96703	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96703	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96703	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96703	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96703	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96876	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.96876	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.97021	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
epss	0.97021	https://api.first.org/data/v1/epss?cve=CVE-2007-3999
generic_textual	MODERATE	http://secunia.com/advisories/27756
cvssv2	10.0	https://nvd.nist.gov/vuln/detail/CVE-2007-3999
generic_textual	MODERATE	http://www.novell.com/linux/security/advisories/2007_24_sr.html

System

Score

Found at

rhas

Important

https://access.redhat.com/errata/RHSA-2007:0858

rhas

Important

https://access.redhat.com/errata/RHSA-2007:0913

rhas

Important

https://access.redhat.com/errata/RHSA-2007:0951

epss

0.19778

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.29941

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.29941

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.29941

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.29941

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.29941

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.29941

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.32947

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96703

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96703

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96703

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96703

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96703

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96876

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.96876

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.97021

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

epss

0.97021

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

generic_textual

MODERATE

http://secunia.com/advisories/27756

cvssv2

10.0

https://nvd.nist.gov/vuln/detail/CVE-2007-3999

generic_textual

MODERATE

http://www.novell.com/linux/security/advisories/2007_24_sr.html

Reference id

Reference type

URL

http://docs.info.apple.com/article.html?artnum=307041

http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html

http://lists.rpath.com/pipermail/security-announce/2007-September/000237.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3999.json

https://api.first.org/data/v1/epss?cve=CVE-2007-3999

https://bugzilla.redhat.com/show_bug.cgi?id=250973

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999

http://secunia.com/advisories/26676

http://secunia.com/advisories/26680

http://secunia.com/advisories/26684

http://secunia.com/advisories/26691

http://secunia.com/advisories/26697

http://secunia.com/advisories/26699

http://secunia.com/advisories/26700

http://secunia.com/advisories/26705

http://secunia.com/advisories/26713

http://secunia.com/advisories/26728

http://secunia.com/advisories/26783

http://secunia.com/advisories/26792

http://secunia.com/advisories/26822

http://secunia.com/advisories/26896

http://secunia.com/advisories/26987

http://secunia.com/advisories/27043

http://secunia.com/advisories/27081

http://secunia.com/advisories/27146

http://secunia.com/advisories/27643

http://secunia.com/advisories/27756

http://secunia.com/advisories/29247

http://secunia.com/advisories/29270

http://security.gentoo.org/glsa/glsa-200710-01.xml

http://securityreason.com/securityalert/3092

https://exchange.xforce.ibmcloud.com/vulnerabilities/36437

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3162

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9379

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103060-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201319-1

http://support.avaya.com/elmodocs2/security/ASA-2007-396.htm

https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html

https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00173.html

http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt

http://www.debian.org/security/2007/dsa-1367

http://www.debian.org/security/2007/dsa-1368

http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml

http://www.kb.cert.org/vuls/id/883632

http://www.mandriva.com/security/advisories?name=MDKSA-2007:174

http://www.mandriva.com/security/advisories?name=MDKSA-2007:181

http://www.novell.com/linux/security/advisories/2007_19_sr.html

http://www.novell.com/linux/security/advisories/2007_24_sr.html

http://www.redhat.com/support/errata/RHSA-2007-0858.html

http://www.redhat.com/support/errata/RHSA-2007-0913.html

http://www.redhat.com/support/errata/RHSA-2007-0951.html

http://www.securityfocus.com/archive/1/478748/100/0/threaded

http://www.securityfocus.com/archive/1/479251/100/0/threaded

http://www.securityfocus.com/bid/25534

http://www.securityfocus.com/bid/26444

http://www.securitytracker.com/id?1018647

http://www.trustix.org/errata/2007/0026/

http://www.ubuntu.com/usn/usn-511-1

http://www.us-cert.gov/cas/techalerts/TA07-319A.html

http://www.vupen.com/english/advisories/2007/3051

http://www.vupen.com/english/advisories/2007/3052

http://www.vupen.com/english/advisories/2007/3060

http://www.vupen.com/english/advisories/2007/3868

http://www.vupen.com/english/advisories/2008/0803/references

http://www.zerodayinitiative.com/advisories/ZDI-07-052.html

cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*

CVE-2007-3999

https://nvd.nist.gov/vuln/detail/CVE-2007-3999

GLSA-200709-01

https://security.gentoo.org/glsa/200709-01

GLSA-200710-01

https://security.gentoo.org/glsa/200710-01

RHSA-2007:0858

https://access.redhat.com/errata/RHSA-2007:0858

RHSA-2007:0913

https://access.redhat.com/errata/RHSA-2007:0913

RHSA-2007:0951

https://access.redhat.com/errata/RHSA-2007:0951

USN-511-1

https://usn.ubuntu.com/511-1/

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-575x-bmgn-aaap
Aliases	CVE-2007-3999
Summary	Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

Percentile	0.9256
EPSS Score	0.19778
Published At	March 29, 2025, 12:55 p.m.