Search for vulnerabilities
Vulnerability details: VCID-v47a-s7t2-aaad
Vulnerability ID VCID-v47a-s7t2-aaad
Aliases CVE-2007-4000
Summary The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-264 Permissions, Privileges, and Access Controls
CWE-824 Access of Uninitialized Pointer
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2007:0858
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.07955 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.09108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.10426 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.17249 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.31791 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.70108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.70108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.70108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
epss 0.70108 https://api.first.org/data/v1/epss?cve=CVE-2007-4000
cvssv2 8.5 https://nvd.nist.gov/vuln/detail/CVE-2007-4000
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4000.json
https://api.first.org/data/v1/epss?cve=CVE-2007-4000
https://bugzilla.redhat.com/show_bug.cgi?id=250976
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4000
http://secunia.com/advisories/26676
http://secunia.com/advisories/26680
http://secunia.com/advisories/26700
http://secunia.com/advisories/26728
http://secunia.com/advisories/26783
http://secunia.com/advisories/26987
http://securityreason.com/securityalert/3092
https://exchange.xforce.ibmcloud.com/vulnerabilities/36438
https://issues.rpath.com/browse/RPL-1696
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9278
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00087.html
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-006.txt
http://www.gentoo.org/security/en/glsa/glsa-200709-01.xml
http://www.kb.cert.org/vuls/id/377544
http://www.mandriva.com/security/advisories?name=MDKSA-2007:174
http://www.novell.com/linux/security/advisories/2007_19_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0858.html
http://www.securityfocus.com/archive/1/478794/100/0/threaded
http://www.securityfocus.com/bid/25533
http://www.securitytracker.com/id?1018647
http://www.vupen.com/english/advisories/2007/3051
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
CVE-2007-4000 https://nvd.nist.gov/vuln/detail/CVE-2007-4000
GLSA-200709-01 https://security.gentoo.org/glsa/200709-01
RHSA-2007:0858 https://access.redhat.com/errata/RHSA-2007:0858
No exploits are available.
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2007-4000
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.91571
EPSS Score 0.07955
Published At May 7, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.