CVE-2007-2798
EPSS 30.7%
Description
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
How to fix CVE-2007-2798
To remediate CVE-2007-2798, upgrade the affected package to the fixed version listed below.
- Debian/krb5: upgrade to 1.6.dfsg.1-5 or later
Is CVE-2007-2798 being exploited?
Moderate: EPSS is 30.7%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (1)
- Debian/krb5: from 0, < 1.6.dfsg.1-5