MIT Kerberos Administration Daemon RPC Library Free Pointer Remote Code Execution Vulnerability

Bugtraq ID: 24655
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2007-2442
Remote: Yes
Local: No
Published: Jun 26 2007 12:00AM
Updated: Jun 24 2010 10:58AM
Credit: Wei Wang of McAfee Avert Labs is credited with the discovery of this vulnerability.
Vulnerable: VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
VMWare ESX Server 2.5.4 Patch 5
VMWare ESX Server 2.5.4 Patch 3
VMWare ESX Server 2.5.4 Patch 1
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.3 Patch 8
VMWare ESX Server 2.5.3 Patch 7
VMWare ESX Server 2.5.3 Patch 6
VMWare ESX Server 2.5.3 Patch 5
VMWare ESX Server 2.5.3 Patch 4
VMWare ESX Server 2.5.3
VMWare ESX Server 2.1.3 Patch 5
VMWare ESX Server 2.1.3 Patch 2
VMWare ESX Server 2.1.3
VMWare ESX Server 2.0.2 Patch 5
VMWare ESX Server 2.0.2 Patch 4
VMWare ESX Server 2.0.2 Patch 2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.5.3 Patch 2
VMWare ESX Server 2.1.3 Patch 1
VMWare ESX Server 2.0.2 Patch 1
VMWare ESX 2.1.3
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Turbolinux Turbolinux Server 10.0 x86
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 10.0.0 x64
Turbolinux Turbolinux Desktop 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
Turbolinux Appliance Server 2.0
Trustix Secure Linux 3.0.5
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise SDK 10
SuSE Suse Linux Enterprise Desktop 10
SuSE Linux 10.1
SuSE Linux 10.0
Sun Solaris 10_x86
Sun Solaris 10_sparc
SGI ProPack 3.0 SP6
S.u.S.E. openSUSE 10.2
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux WS 2.1
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux ES 2.1
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux AS 2.1
Redhat Enterprise Linux 5 Server
Redhat Desktop 4.0
Redhat Desktop 3.0
Redhat arpwatch-2.1a11-1.i386.rpm
Redhat Advanced Workstation for the Itanium Processor 2.1
Novell KDC (Key Distribution Center) 1.0.2
Novell KDC (Key Distribution Center) 1.0
MIT Kerberos 5 1.6.1
MIT Kerberos 5 1.6
MIT Kerberos 5 1.5.4
MIT Kerberos 5 1.5.3
MIT Kerberos 5 1.5.2
MIT Kerberos 5 1.5.1
MIT Kerberos 5 1.5
MIT Kerberos 5 1.4.3
MIT Kerberos 5 1.4.2
MIT Kerberos 5 1.4.1
MIT Kerberos 5 1.4
MIT Kerberos 5 1.3.6
+ Gentoo Linux
+ Redhat Fedora Core3
+ Redhat Fedora Core2
+ Redhat Fedora Core1
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
MIT Kerberos 5 1.3.5
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
MIT Kerberos 5 1.3.4
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Turbolinux Turbolinux Server 10.0
MIT Kerberos 5 1.3.3
MIT Kerberos 5 1.3.2
MIT Kerberos 5 1.3.1
MIT Kerberos 5 1.3 -alpha1
MIT Kerberos 5 1.3
MIT Kerberos 5 1.2.8
MIT Kerberos 5 1.2.7
MIT Kerberos 5 1.2.6
MIT Kerberos 5 1.2.5
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ Redhat Linux 8.0 i386
+ Redhat Linux 8.0
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Wirex Immunix OS 7+
MIT Kerberos 5 1.2.4
MIT Kerberos 5 1.2.3
MIT Kerberos 5 1.2.2 -beta1
MIT Kerberos 5 1.2.2
MIT Kerberos 5 1.2.1
MIT Kerberos 5 1.2
MIT Kerberos 5 1.1.1
- Redhat Linux 7.1 ia64
- Redhat Linux 7.1 i386
- Redhat Linux 7.1 alpha
- Redhat Linux 7.1
- Redhat Linux 7.0 i386
- Redhat Linux 7.0 alpha
- Redhat Linux 7.0
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
+ Redhat Linux 6.2
MIT Kerberos 5 1.1
MIT Kerberos 5 1.0.8
+ OpenBSD OpenBSD 3.2
+ OpenBSD OpenBSD 3.1
MIT Kerberos 5 1.0.6
MIT Kerberos 5 1.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
HP HP-UX B.11.31
HP HP-UX B.11.23
HP HP-UX B.11.11
Gentoo Linux
Foresight Linux Foresight Linux 1.1
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Avaya Messaging Storage Server MM3.0
Avaya Message Networking MN 3.1
Avaya Message Networking
Avaya Aura Application Enablement Services 4.0
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.3.9
Apple Mac OS X 10.4.10
Apple Mac OS X 10.3.9
Not Vulnerable: VMWare ESX Server 2.5.4 Patch 10
VMWare ESX Server 2.5.3 Patch 13
VMWare ESX Server 2.1.3 Patch 8
VMWare ESX Server 2.0.2 Patch 8
Novell KDC (Key Distribution Center) 1.0.3
MIT Kerberos 5 1.6.2


 

Privacy Statement
Copyright 2010, SecurityFocus